Threat actors with suspected ties to China and North Korea, including ChamelGang, have been identified in ransomware and data encryption attacks targeting government and critical infrastructure sectors globally between 2021 and 2023.
The latest variant of the Android banking trojan Medusa, now known as TangleBot, poses a significant threat to users’ financial security and privacy by initiating transactions directly on compromised devices and featuring keylogging, screen controls, SMS message reading capabilities, call recording, and unauthorized fund transfers using overlay attacks.
Fraudsters posing as fake lawyers from fictitious law firms target cryptocurrency scam victims with promises to recover stolen funds, resulting in nearly $10 million in losses.
Apple has released firmware updates for its AirPods and Beats products to fix a security vulnerability that could allow unauthorized access to headphones within Bluetooth range.
A supply chain attack involving the Polyfill JavaScript library, owned by Funnull, has injected malware into websites, redirecting users to fraudulent sites, bookmakers, and online casinos.
Snowblind, a novel banking malware strain, utilizes advanced techniques to evade detection and compromise sensitive information on banking apps in Southeast Asia.
