- Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies by info@thehackernews.com (The Hacker News) on 31/07/2025 at 17:12
The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow. "ApolloShadow has the capability to install a trusted root certificate to
- Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials by info@thehackernews.com (The Hacker News) on 31/07/2025 at 15:49
Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses. "Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the moment of click,"
- N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto by info@thehackernews.com (The Hacker News) on 31/07/2025 at 13:47
The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. "Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their
- AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals by info@thehackernews.com (The Hacker News) on 31/07/2025 at 11:25
Cyber threats and attacks like ransomware continue to increase in volume and complexity, with the endpoint typically being the most sought-after and valued target. With the rapid expansion and adoption of AI, it is more critical than ever to ensure the endpoint is adequately secured by a platform capable of not just keeping pace, but staying ahead of an ever-evolving threat landscape.
- UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud by info@thehackernews.com (The Hacker News) on 31/07/2025 at 10:17
The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine (ATM) infrastructure using a 4G-equipped Raspberry Pi as part of a covert attack. The cyber-physical attack involved the adversary leveraging their physical access to install the Raspberry Pi device and have it connected directly to the same network switch as the ATM, effectively placing