Amos Stealer targets macOS users through fake downloads, stealing Keychain files, browser passwords, cookies, and developer configs for data theft.

Zimperium researchers discover a new mobile Trojan that hijacks clipboards, blocks bank calls, and takes complete control of Android devices.

Hackers are using fake Claude Code guide and AI PDFs to spread AsyncRAT malware via Windows attack using PowerShell and Defender exclusions.

The Justice Department and FBI seized 13 fake consulting websites that officials say targeted US clearance holders with paid research work designed to obtain sensitive government information.

ReversingLabs reveals how hackers exploit social media engagement metrics to deliver Vidar infostealer malware to thousands of unsuspecting users.

Maine Attorney General portal lists a Discord breach notice claiming 10 million affected, but odd filing details leave it unverified and questionable.

Operation FlutterBridge uses fake Google ads and shell companies to deploy FlutterShell, a new macOS backdoor targeting unsuspecting users.

Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing.

Authorities in Laos detained 73 foreign nationals suspected of involvement in telecom and online scam operations during two separate enforcement actions carried out in the first week of June, according to police reports. The arrests took place in Vientiane Province and Vientiane Capital. In Vientiane Province, police detained 49 foreign nationals during coordinated inspections conducted […]

From SIM swap protection to remote provisioning, eSIMs are quickly replacing physical SIM cards. Here’s why the shift matters for security and convenience.

Fake ChatGPT desktop app ads pushed password-stealing malware by abusing trusted AI links, hiding from scanners, and tricking users into downloads.

GoDaddy researchers found WordPress malware using Steam Community profile comments to hide encoded command and control data, with nearly 1,980 sites affected.

When a predator contacts a child through an online platform, the details of how it happened often expose…

Hackers are using fake purchase order emails and process hollowing to deploy fileless PureLogs malware to steal Windows users' browser, crypto, and Discord data.

A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks.

Iran’s Nimbus Manticore hackers used trojanized Zoom installers to deploy malware against US firms during a wider IRGC linked cyber campaign.

"Vulnerability Reports" zur wp-cron.php sind ein Klassiker unter den Scam-Mails. Kurze Einordnung: ist das ein P1-Bug? Nein. Was wirklich hilft, sind Rate Limiting in nginx oder die lokale Ausfuehrung per Cronjob.

FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords.

Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.

Banana RAT malware hidden in fake invoices and security update screens targets customers at 16 Brazilian banks stealing data with QR fraud.

Vermutlich hat sie jeder schon mal bekommen: Fake-SMS, die einem ans hart verdiente Geld wollen. Oder auch Anrufe von unbekannten Nummern bzw. von Nummern aus dem Ausland. Ich will nicht sagen, dass das erst durch KI gekommen ist, aber es fällt auf, dass es durch KI deutlich zugenommen hat. Seh ich zum Beispiel sehr deutlich, …

Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases.

Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords.

毎日搾取されながらも、自分より賢そうな人間がもっともらしい説明で「すべて合法で正当だ」と言う世界に生きていれば、制度への信頼、専門家への信頼、合法的プロセスへの信頼をすべて投げ捨て、自分のために不正をしてやると約束する独裁者に身を委ねたくなる。それは当然のことだ。

The post 金融という名のイカサマ first appeared on p2ptk[.]org.

Researchers at Ontinue have discovered an undocumented malware campaign targeting developers with fake Claude Code installers to steal browser passwords and cookies.

Operation HumanitarianBait uses fake aid documents, GitHub-hosted payloads, and Python spyware to target Russian-speaking victims.

Romanian national Gavril Sandu faces up to 30 years in a US prison after extradition over a VOIP vishing and fake debit card fraud scheme.

Hackers are abusing Vercel GenAI to create convincing phishing sites that mimic major brands, including Microsoft, Adidas, and Nike, making scams harder to detect.

Matthew Knoot and Erick Prince have been jailed for 18 months each for helping North Korean hackers infiltrate US firms through remote laptop farms.

JDownloader confirms a security breach where hackers manipulated official download links to distribute malicious files between 6 and 7 May 2026.