Recent content by ✨ Megiddo

The Darcula phishing platform is responsible for the theft of 884,000 bank cards, and victims of hackers around the world clicked on malicious links received via text messages 13 million times. These statistics are cited by analysts from NRK, Bayerischer Rundfunk, Le Monde and Mnemonic in a...

A China-aligned APT threat actor named "TheWizards" abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware. According to ESET, the group has been active since at least 2022, targeting entities in the...

Offensive Security developers have warned Kali Linux users that they will have to manually set a new repository signing key to avoid update failures. The old signing key was lost. Offensive Security reported that they lost the old repository signing key (ED444FF07D8D0BF6) and were forced to...

The FBI is offering up to $10 million for information about members of the Chinese hacking group Salt Typhoon and last year's attack that compromised the networks of several American telecommunications companies. American authorities are promising potential informants not only a generous...

Doctor Web specialists reported the discovery of spyware for Android, the main target of which is Russian military personnel. The Trojan is hidden in a modified version of the Alpine Quest mapping program and is distributed, among other things, through one of the Russian app stores. The malware...

The Elusive Comet group is using a little-known feature called Remote Control in Zoom to take control of a victim’s computer, install malware, and steal cryptocurrency. The issue was discovered by researchers from the nonprofit Security Alliance (SEAL) and Trail of Bits. According to the...

Recently, the media reported that it was only after Pavel Durov was arrested in France last year that Telegram began to comply with EU laws and respond to government requests. Durov commented on these statements on his Telegram channel, saying that the company had always complied with European...

Display Your Advertisement Banner Verified Your Business On Market Verified Vendor Status On Forum Valid Market Leader Of Carding Forum Help And Support Telegram @Megiddo1 Jabber megiddo@jabber.sk

Group-IB experts have published a report on the activities of the extortionist hack group Hunters International. The hackers believe that the use of ransomware has become too risky and are changing their tactics. According to Group-IB analysts, the group's leadership is currently preparing a...

Researchers from the DomainTools Investigations (DTI) community have identified a dozen new .TOP domains used to distribute the SpyNote Android Trojan. The findings imitate Google Play Store pages for downloading various applications. The fakes are designed in English or Chinese. The codes of...

The RedCurl group, which usually specializes in covert corporate espionage, has started using QWCrypt ransomware designed to attack Hyper-V virtual machines. The Russian-language RedCurl hacking group was first discovered by Group-IB specialists in 2020 . The researchers wrote that the group...

On March 31, the Cambodian National Police conducted a special operation in Phnom Penh (the capital of Cambodia), during which a telephone fraud center was liquidated. 186 suspects, citizens of mainland China and Taiwan, were detained at the scene. According to local media, the operation was...

Sucuri analysts have discovered that hackers are using the MU-plugins (Must-Use Plugins) directory in WordPress to hide malicious code and run it without being detected. The technique was first spotted in February 2025, but the pace of its implementation is growing, and attackers are currently...

DeepSeek's rapidly growing popularity amid privacy controversies has attracted the attention of not only users, but also cybercriminals. Fake ads have appeared online, disguised as official Google search results, with the aim of distributing malware. Attackers have targeted those who type...

Over the past week, Roskomnadzor has sent 47 requests to Google to remove applications from the Russian Google Play. All of the specified applications provide access to VPN, and some of them use Cloudflare infrastructure. The publication "Rusbase" reported on the significant activity of the...