VulnHub

Real-time Cybersecurity News

Bitrefill blames North Korean Lazarus group for cyberattack

BleepingComputer

Overview

Bitrefill, a crypto-powered gift card retailer, reported that it suffered a cyberattack earlier this month, which it believes was carried out by the North Korean hacking group known as Lazarus, specifically its Bluenoroff sector. This group is known for targeting financial platforms and cryptocurrency services to steal funds. The attack raises concerns about the security of cryptocurrency transactions and the potential for further targeting of similar online services. As cyberattacks from state-sponsored groups continue to evolve, companies in the crypto space may need to enhance their defenses to protect against such threats. The implications of this incident could lead to increased scrutiny and tighter security measures across the industry.

Key Takeaways

  • Affected Systems: Bitrefill, cryptocurrency services
  • Timeline: Ongoing since early October 2023

Original Article Summary

Crypto-powered gift card store Bitrefill says that the attack it suffered at the beginning of the month was likely perpetrated by North Korean hackers of the Bluenoroff group. [...]

Impact

Bitrefill, cryptocurrency services

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Ongoing since early October 2023

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

Feds keep eyes peeled for Iran cyberattacks, respond to Stryker breach

CyberScoop

U.S. officials are on alert for potential cyberattacks from Iran, particularly following recent geopolitical tensions. Although there hasn't been a noticeable increase in attacks so far, experts from the Department of Defense and CISA are closely monitoring the situation. In a related incident, the federal government has responded to a breach involving Stryker, a medical technology company. While specific details about the Stryker breach are limited, it emphasizes the ongoing risks that critical infrastructure and healthcare sectors face from cyber threats. The situation serves as a reminder for organizations to bolster their cybersecurity measures and remain vigilant against potential attacks.

Mar 19, 2026

Vibe Hacking has arrived – and we have to figure out how to stop it

SCM feed for Latest

The article discusses a new form of hacking called 'vibe hacking,' which uses artificial intelligence to manipulate social interactions and influence user perceptions. This type of attack changes how defenders approach cybersecurity, as it targets the emotional and psychological states of individuals rather than traditional technical vulnerabilities. Researchers warn that these tactics can affect various sectors, including social media platforms, online marketplaces, and any service that relies on user engagement. The implications are significant, as companies must now consider how AI can be weaponized against their user base, making it crucial to develop strategies to counter these innovative threats. As technology evolves, so do the methods of attackers, emphasizing the need for ongoing vigilance and adaptation in cybersecurity practices.

Mar 19, 2026

FBI seizes Handala data leak site after Stryker cyberattack

BleepingComputer

The FBI has taken control of two websites associated with the Handala hacktivist group following a severe cyberattack on Stryker, a major medical technology company. This attack resulted in the destruction of around 80,000 medical devices, raising significant concerns about patient safety and the reliability of healthcare technology. The Handala group claimed responsibility for the attack, which underscores the ongoing risks that organizations in the healthcare sector face from cyber threats. The seizure of these websites aims to disrupt Handala's operations and prevent further attacks. This incident highlights the critical need for enhanced cybersecurity measures in the medical technology industry to protect sensitive devices and patient data.

Mar 19, 2026

Marquis Data Breach Affects 672,000 Individuals

SecurityWeek

The Marquis data breach has affected approximately 672,000 individuals, a significant reduction from earlier estimates that suggested over 1.6 million might be impacted. This breach raises concerns over the security of personal information, as affected individuals may have had their data exposed. The specifics of what data was compromised have not been detailed, but such incidents can lead to identity theft and other forms of fraud. Organizations must take this breach seriously and assess their own data protection measures to prevent similar incidents in the future. The incident serves as a reminder of the vulnerabilities that exist in handling personal data.

Mar 19, 2026

Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376

Security Affairs

A Russian advanced persistent threat (APT) group has been exploiting a critical cross-site scripting (XSS) vulnerability in Zimbra, identified as CVE-2025-66376, with a severity score of 7.2. The attackers are sending HTML emails that contain insufficiently sanitized scripts, which execute when opened by users. This campaign specifically targets individuals in Ukraine, highlighting the ongoing cyber conflict in the region. The exploitation of this vulnerability could allow attackers to compromise user accounts and access sensitive information. Organizations using Zimbra should be particularly vigilant and take immediate action to secure their systems.

Mar 19, 2026

Financial Brands Targeted in Global Mobile Banking Malware Surge

Infosecurity Magazine

A recent surge in mobile banking malware has targeted over 1,200 financial apps worldwide, shifting the focus of fraud from traditional methods to user devices. This malware is designed to compromise mobile banking applications, putting sensitive user information at risk. The attack affects a wide range of banking services, potentially impacting millions of users who rely on their smartphones for financial transactions. As attackers continue to evolve their tactics, it’s crucial for financial institutions to enhance their security measures and for users to remain vigilant about the apps they download and the permissions they grant. The ongoing threat emphasizes the need for increased awareness around mobile security practices among both consumers and companies.

Mar 19, 2026