Cybercrime Archives - Page 3 of 417

Pierluigi Paganini July 24, 2025

Coyote malware is first-ever malware abusing Windows UI Automation

New Coyote malware uses Windows UI Automation to steal banking credentials, targeting Brazilian users across 75 banks and crypto platforms. Coyote malware is now the first to exploit Microsoft’s UI Automation framework in the wild, validating prior warnings from Akamai researchers in December 2024. The UI Automation (UIA) framework is a Microsoft accessibility framework that […]

Pierluigi Paganini July 24, 2025

Stealth backdoor found in WordPress mu-Plugins folder

A new stealth backdoor has been discovered in the WordPress mu-plugins folder, granting attackers persistent access and control over compromised sites. Sucuri researchers found a stealthy backdoor hidden in WordPress’s “mu-plugins” folder. These plugins auto-run and allow attackers to stay hidden in admin, and maintain persistence. “must-use plugins” are special WordPress plugins that cannot be […]

Pierluigi Paganini July 23, 2025

French Authorities confirm XSS.is admin arrested in Ukraine

French authorities announced the arrest in Ukraine of an alleged administrator of the long-running cybercrime forum XSS.is. A joint investigation conducted by French police, Ukrainian authorities, and Europol led to the arrest of the suspected administrator of the major Russian-speaking cybercrime forum xss.is. “The Paris prosecutor’s office announced on Wednesday, July 23, that an individual […]

Pierluigi Paganini July 20, 2025

Security Affairs newsletter Round 533 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release Authorities released free decryptor for Phobos and […]

Pierluigi Paganini July 20, 2025

Radiology Associates of Richmond data breach impacts 1.4 million people

A data breach at Radiology Associates of Richmond has exposed the personal and health information of over 1.4 million individuals. Radiology Associates of Richmond has disclosed a data breach that impacted personal and health information of over 1.4 million individuals. Radiology Associates of Richmond (RAR) is a private radiology practice founded in 1905 and based […]

Pierluigi Paganini July 18, 2025

Authorities released free decryptor for Phobos and 8base ransomware

Japanese police released a free decryptor for Phobos and 8Base ransomware, letting victims recover files without paying ransom. Japanese authorities released a free decryptor for Phobos and 8Base ransomware, allowing victims to recover files without paying. Japanese police released the free decryptor for ransomware families, which was likely built using intel from a recent gang […]

Pierluigi Paganini July 18, 2025

Anne Arundel Dermatology data breach impacts 1.9 million people

Hackers breached Anne Arundel Dermatology systems for three months, potentially exposing personal and health data of 1.9 million people. Anne Arundel Dermatology is a physician-owned and managed dermatology group headquartered in Maryland, founded over 50 years ago. It’s one of the largest dermatology providers in the Mid‑Atlantic and Southeastern United States, operating more than 100 […]

Pierluigi Paganini July 17, 2025

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

Ransomware group Stormous claims it stole data from 600,000 North Country HealthCare patients across 14 sites in northern Arizona. The Stormous ransomware gang claims it has stolen personal and health data belonging to 600,000 patients from health provider North Country HealthCare. North Country HealthCare is a nonprofit, federally qualified health center (FQHC) based in northern […]

Pierluigi Paganini July 17, 2025

United Natural Foods Expects $400M revenue impact from June cyber attack

United Natural Foods Projects (UNFI) expects a $350–$400M sales hit from a June cyberattack, with $50–$60M in net income impact. United Natural Foods, Inc. (UNFI), the main distributor for Amazon’s Whole Foods, said the June 2025 cyberattack will slash its fiscal 2025 sales by $350 to $400 million. United Natural Foods, Inc. (UNFI) is a Providence, Rhode […]

Pierluigi Paganini July 17, 2025

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

UNC6148 targets SonicWall devices with Overstep malware, using a backdoor and rootkit for data theft, extortion, or ransomware. Google’s Threat Intelligence Group warns that a threat actor tracked as UNC6148 has been targeting SonicWall SMA appliances with new malware dubbed Overstep. Active since at least October 2024, the group uses a backdoor and user-mode rootkit […]

Cybercrime

Coyote malware is first-ever malware abusing Windows UI Automation

Stealth backdoor found in WordPress mu-Plugins folder

French Authorities confirm XSS.is admin arrested in Ukraine

Security Affairs newsletter Round 533 by Pierluigi Paganini – INTERNATIONAL EDITION

Radiology Associates of Richmond data breach impacts 1.4 million people

Authorities released free decryptor for Phobos and 8base ransomware

Anne Arundel Dermatology data breach impacts 1.9 million people

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

United Natural Foods Expects $400M revenue impact from June cyber attack

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Over 100 Dell models exposed to critical ControlVault3 firmware bugs

How CTEM Boosts Visibility and Shrinks Attack Surfaces in Hybrid and Cloud Environments

WhatsApp cracks down on 6.8M scam accounts in global takedown

Trend Micro fixes two actively exploited Apex One RCE flaws

U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Cybercrime

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!