Lucene search
K

16 matches found

The Hacker News
The Hacker News
added 2026/03/28 7:7 a.m.21 views

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/21 7:29 a.m.11 views

Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers

A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased "operations tempo" from the threat actor. The findings come from Google Threat Intelligence Group GTIG, which said the...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/26 12:45 p.m.3 views

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

The Russian advanced persistent threat APT group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed to deliver two new "lightweight" malware families tracked as BAITSWITCH and SIMPLEFIX. Zscaler ThreatLabz, which detected the new multi-stage ClickFix campai...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/08 6:57 a.m.16 views

Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware

The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures. "LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/07 9:16 a.m.17 views

THN Cybersecurity Recap: Top Threats and Trends (Sep 30 - Oct 6)

Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! ⚡ Threat of the Week Double Trouble: Evil Corp&...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/04 1:6 p.m.16 views

U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown

Microsoft and the U.S. Department of Justice DoJ on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. "The Russian government ran this scheme to steal Americans' sensitive...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/15 11:43 a.m.22 views

Russian-Linked Hackers Target Eastern European NGOs and Media

Russian and Belarusian non-profit organizations, Russian independent media, and international non-governmental organizations active in Eastern Europe have become the target of two separate spear-phishing campaigns orchestrated by threat actors whose interests align with that of the Russian...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/29 7:36 a.m.30 views

A week in security (January 22 – January 28)

Last week on Malwarebytes Labs: 10 things to do to improve your online privacy Ring curtails law enforcement’s access to footage Malicious ads for restricted messaging applications target Chinese users Malwarebytes wins every MRG Effitas award for 2 years in a row AI likely to boost ransomware,...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/22 12:24 p.m.13 views

Coldriver threat group targets high-ranking officials to obtain credentials

Researchers at Google’s Threat Analysis Group TAG have published their findings about a group they have dubbed Coldriver. The main targets of the Coldriver group are high-profile individuals in non-governmental organizations NGOs, former intelligence and military officials, and NATO governments...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/01/22 9:38 a.m.14 views

COLDRIVER Expands Beyond Phishing, Incorporating Custom SPICA Backdoor

Summary: The threat actor associated with Russia, known as COLDRIVER or Star Blizard, has expanded its tactics from mere credential harvesting. The group has initiated campaigns where PDFs are employed as lure documents to distribute malware. Notably, COLDRIVER has introduced its first custom...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/18 2:49 p.m.39 views

Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware

The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language. Google's Threat Analysis Group TAG, which shared details of the latest activity, said t...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/07 2:36 p.m.42 views

Microsoft Warns of COLDRIVER's Evolving Evasion and Credential-Stealing Tactics

The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection evasion capabilities. The Microsoft Threat Intelligence team is tracking under the cluster as Star...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/16 9:35 a.m.53 views

Microsoft Warns About Phishing Attacks by Russia-linked Hackers

Microsoft on Monday revealed it took steps to disrupt phishing operations undertaken by a "highly persistent threat actor" whose objectives align closely with Russian state interests. The company is tracking the espionage-oriented activity cluster under its chemical element-themed moniker...

0.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/08/15 4:0 p.m.18 views

Disrupting SEABORGIUM’s ongoing phishing operations

The Microsoft Threat Intelligence Center MSTIC has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/04 8:34 a.m.33 views

Ukraine War Themed Files Become the Lure of Choice for a Wide Range of Hackers

A growing number of threat actors are using the ongoing Russo-Ukrainian war as a lure in various phishing and malware campaigns, even as critical infrastructure entities continue to be heavily targeted. "Government-backed actors from China, Iran, North Korea and Russia, as well as various...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/31 1:2 p.m.147 views

Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks

A Belarusian threat actor known as Ghostwriter aka UNC1151 has been spotted leveraging the recently disclosed browser-in-the-browser BitB technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict. The method, which masquerades as a legitimate domain ...

8.8CVSS0.5AI score0.96843EPSS
Exploits38
Rows per page
Query Builder