Latest Intelligence
Attackers Target the Foundations of Crypto: Smart Contracts
The article highlights a growing criminal ecosystem that exploits vulnerabilities in smart contracts to scam users out of their cryptocurrency assets. It also points out that these malicious or vulnerable smart contracts can pose risks to businesses as well. Read Original »
In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment
The article highlights several cybersecurity incidents, including a federal court filing system hack and a data breach involving Chanel. Additionally, Nvidia has publicly rejected the idea of implementing backdoors in its systems, emphasizing security integrity. Read Original »
Black Hat USA 2025 – Summary of Vendor Announcements (Part 4)
The article discusses various companies presenting their cybersecurity products and services at the Black Hat USA 2025 conference in Las Vegas. It highlights the ongoing innovations and announcements made by vendors in the cybersecurity space during this event. Read Original »
Leaked Credentials Up 160%: What Attackers Are Doing With Them
The article discusses the significant increase in leaked credentials, which have risen by 160% and are responsible for 22% of data breaches according to Verizon's 2025 report. It highlights the long-term impact of such leaks on organizations, emphasizing that many cyber breaches start with simple username and password combinations. Read Original »
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
A new set of 60 malicious packages has been discovered in the RubyGems ecosystem, masquerading as automation tools to steal user credentials. This malicious activity has been ongoing since at least March 2023, highlighting significant security concerns in software supply chains. Read Original »
Columbia University Data Breach Impacts 860,000
Columbia University has experienced a cyberattack resulting in the theft of personal information belonging to 860,000 individuals, including students, applicants, and employees. This breach highlights significant vulnerabilities in the university's cybersecurity measures. Read Original »
Scammers mass-mailing the Efimer Trojan to steal crypto
The Efimer Trojan is a malicious software that spreads via email and compromised WordPress websites, targeting cryptocurrency users. It is designed to steal digital currencies by substituting wallet addresses in the clipboard, posing a significant threat to users' funds. Read Original »
French Telecom Firm Bouygues Says Data Breach Affects 6.4M Customers
Bouygues, a French telecom firm, has experienced a cyberattack that compromised the personal information of approximately 6.4 million customers. This incident highlights the ongoing risks associated with data security in the telecommunications sector. Read Original »
GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions
The GreedyBear campaign has exploited over 150 malicious Firefox extensions that impersonate well-known cryptocurrency wallets, resulting in over $1 million in stolen digital assets. These fraudulent extensions target users of popular wallets like MetaMask and TronLink. Read Original »
Silver Fox APT Blurs the Line Between Espionage & Cybercrime
Silver Fox is a Chinese threat actor that operates in a dual capacity, engaging in both espionage and cybercrime activities. This versatility allows them to shift between state-sponsored attacks and petty criminal endeavors, complicating the landscape of cybersecurity threats. Read Original »
Air France, KLM Alert Authorities of Data Breach
Air France and KLM have reported a data breach where threat actors accessed personal information. While no financial data was compromised, names, email addresses, and phone numbers were among the information stolen. Read Original »
Prime Security Wins Black Hat's Startup Spotlight Competition
Prime Security emerged as the winner of the Startup Spotlight competition at Black Hat USA with its innovative AI security architect platform. This recognition highlights the growing importance of AI in enhancing cybersecurity solutions. Read Original »
Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking
A software developer has identified a vulnerability in Amazon's Elastic Container Service (ECS) that allows for privilege escalation and unauthorized access to other cloud resources. This issue arises from the exploitation of an undocumented protocol within ECS. Read Original »
'Samourai' Cryptomixer Founders Plead Guilty to Money Laundering
The founders of the 'Samourai' cryptomixer have pleaded guilty to charges of money laundering. As part of their plea agreement, they are required to forfeit over $200 million. Read Original »
SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others
The SocGholish malware is being distributed through Traffic Distribution Systems (TDSs), allowing threat actors to redirect users to malicious content. This operation utilizes a Malware-as-a-Service model, selling access to infected systems to other cybercriminal organizations. Read Original »