Latest Cyber-Attack News

Latest cybersecurity incidents and malware threats.

Subscribers: 2 842
Channel Posts
Social Security Statement Email Scam Uses ScreenConnect
A fake Social Security Statement email we analyzed did not stop at credential phishing. The message pushed the reader through a fake document viewer and delivered ScreenConnect.ClientSetup.exe, a remote-access client that can give an outside operator control of the affected PC. In this June 2026 sample, the lure used the subject…
https://blog.gridinsoft.com/social-security-statement-screenconnect-scam/

CryptoBandits.A USB Clipper
Microsoft says Trojan:Win32/CryptoBandits.A is part of a Windows crypto-clipper campaign that has been active since February 2026 and spreads through malicious USB shortcut files. The practical risk is direct: a user opens what looks like a normal document shortcut, the malware stages a worm and stealer, then monitors the clipboard for wallet addresses,…
https://blog.gridinsoft.com/trojan-win32-cryptobandits-usb-crypto-clipper/

Tiflux RMM Malware: Unauthorized Remote Access Cleanup
Tiflux RMM is not malware by itself, but an unexpected Tiflux install after a service-agreement or secured-document email should be treated as unauthorized remote access. In the campaign Huntress documented, a signed MSI installer named Network Solutions Agreement.msi installed Tiflux components, then the activity expanded into remote-control tooling such as Splashtop, ScreenConnect, and…
https://blog.gridinsoft.com/tiflux-rmm-malware-removal/

Potemkin Loader Turns ClickFix Into 11-Host Intrusion
Huntress says a recent ClickFix intrusion began with a fake verification prompt and ended with Potemkin Loader, RMMProject, and EtherRAT activity across more than 11 hosts. The important part is not the prompt itself; it is what happened after the user pasted a command into the Windows Run dialog. The first system became a…
https://blog.gridinsoft.com/potemkin-loader-clickfix-rmmproject/

Fake Slack Download Malware: Hidden Desktop Cleanup
A fake Slack download is not a Slack problem; it is a source-verification problem. Slack is legitimate software, but a lookalike download from an unfamiliar domain can install the real app while a second loader works in the background. In the slacks[.]pro campaign reported in April 2026, the file name looked like a normal…
https://blog.gridinsoft.com/fake-slack-download-malware/

Fake FACEIT Steam Login Scam
A convincing fake FACEIT verification page is using a copied Steam sign-in window to steal gamer accounts, Steam Guard codes, and valuable CS2 items. Malwarebytes reported the campaign on June 12, 2026, after finding lookalike verification domains that push players toward a fake “Sign in through Steam” flow instead of the real Steam login…
https://blog.gridinsoft.com/faceit-steam-login-scam/

TikTok Tutorials Push Vidar Stealer Through PowerShell
Short-form tutorials on TikTok and Instagram Reels are being used as a malware delivery channel, with videos promising free Spotify Premium, Windows activation, Microsoft Office, or similar shortcuts. ReversingLabs reported two active social-video lure patterns on June 9, 2026: one pushes viewers toward suspicious download pages, while another walks them through copy-pasting PowerShell commands…
https://blog.gridinsoft.com/tiktok-vidar-powershell-videos/

FlutterShell Backdoor on Mac: Operation FlutterBridge Cleanup Guide
FlutterShell is a macOS backdoor reported in the Operation FlutterBridge malvertising campaign. If you installed a Mac app such as a podcast player or PDF tool from a sponsored result, YouTube ad, or unfamiliar download page, treat the Mac as potentially exposed until you check the app, Chrome settings, Login Items, LaunchAgents,…
https://blog.gridinsoft.com/fluttershell-mac-backdoor/

$ETHFI and Kinetiq Vote Rewards Scam: Fake Vote Pages
Fake $ETHFI Vote Rewards and Kinetiq Vote Rewards pages are crypto wallet-drainer scams, not legitimate governance or staking rewards. The known lures use domains such as vote-ethfi.app and reward-kinetiq.xyz to push a wallet connection, token approval, or signature request. Do not connect a wallet, do not approve transactions, and never…
https://blog.gridinsoft.com/ethfi-kinetiq-vote-rewards-scam/

Ghost-Sender Spoofing
Ghost-Sender is a newly disclosed Exchange Online spoofing issue that matters most to organizations using Microsoft 365 mailboxes behind an external MX gateway, such as a third-party spam filter or on-premises mail gateway. InfoGuard researchers found that in vulnerable setups, an attacker can send mail directly to the tenant’s Exchange Online Protection endpoint and…
https://blog.gridinsoft.com/ghost-sender-exchange-online-spoofing/

Chrome CVE-2026-11645 Zero-Day
Google has released Chrome 149 for Windows, macOS, Linux, and Android after fixing 74 security issues. The urgent item for everyday users is CVE-2026-11645, an out-of-bounds memory access flaw in V8. Google says an exploit for this CVE exists in the wild, so the practical response is simple: update Chrome and fully…
https://blog.gridinsoft.com/chrome-cve-2026-11645-zero-day/

Argamal RAT in Game Archives
A recent security investigation details Argamal, a Windows remote access trojan distributed through trojanized adult-game downloads. The practical risk is not the game category itself, but the archive workflow: a user follows a download link, receives a ZIP package, runs the game, and a modified library chain quietly drops a RAT that can give…
https://blog.gridinsoft.com/argamal-rat-trojanized-game-downloads/

Fake Crypto Casino Scams: Celebrity Promos and Withdrawal Traps
A fake crypto casino scam is not just a risky gambling site. It is usually a staged platform built to make a bonus balance look real, then block withdrawals until the victim sends a cryptocurrency “verification” deposit. If a casino link came from Discord, Facebook, TikTok, YouTube Shorts, a hacked friend, or a celebrity…
https://blog.gridinsoft.com/fake-crypto-casino-scam/

Hola Browser Miner
Sophos X-Ops says a Windows build path for Hola Browser delivered an unexpected executable named me.exe that behaves like a cryptominer. The practical issue is not just the browser name: users who installed or updated Hola Browser should check whether C:\Program Files\Hola\me.exe, HolaMonitorService.exe, or the Windows service…
https://blog.gridinsoft.com/hola-browser-miner-me-exe/

WeedHack Minecraft Malware
McAfee Labs is warning about WeedHack, a Minecraft-focused malware-as-a-service campaign that hides inside fake mods, hacked clients, cheats, and utilities. The practical risk is simple: a downloaded JAR that looks like a game add-on can steal Minecraft session data, browser passwords, cryptocurrency wallet data, Discord or Steam tokens, and in paid builds even give…
https://blog.gridinsoft.com/weedhack-minecraft-malware/

Android CVE-2025-48595 Patch
Google’s June 2026 Android Security Bulletin includes a warning that CVE-2025-48595, a high-severity Android Framework escalation-of-privilege flaw, may already be used in limited, targeted attacks. The practical step is straightforward: install the June 2026 Android security update as soon as your device maker provides it, then confirm that the security patch level…
https://blog.gridinsoft.com/android-cve-2025-48595-patch/

Steam C2 Backdoor
WordPress site owners should treat the new Steam Community profile abuse reported by GoDaddy Security as a backdoor cleanup problem, not as a gaming-platform issue. Researchers say the malware hides command-and-control data inside Steam profile comments with invisible Unicode characters, decodes that data inside WordPress, injects an external JavaScript file on public pages, and…
https://blog.gridinsoft.com/steam-c2-wordpress-malware-backdoor/

World Cup 2026 Ticket Scam: Fake FIFA Sites to Avoid
A World Cup 2026 ticket scam usually starts with a site, ad, message, or resale offer that looks close to FIFA but is not part of the official FIFA ticketing flow. If you are trying to buy match tickets or hospitality packages, type FIFA.com/tickets yourself, check the exact domain before logging in, and…
https://blog.gridinsoft.com/world-cup-2026-ticket-scam/

Netlogon CVE-2026-41089 RCE
The Centre for Cybersecurity Belgium has updated its May Microsoft Patch Tuesday warning to say that CVE-2026-41089, a critical Windows Netlogon remote code execution flaw, is now being exploited in the wild. The practical audience is narrow but important: organizations running Windows Server domain controllers should treat this as an emergency patch…
https://blog.gridinsoft.com/netlogon-cve-2026-41089-rce/

WP Maps Pro CVE-2026-8732
WP Maps Pro CVE-2026-8732 is a critical WordPress plugin flaw that can let an unauthenticated attacker create a new administrator account on sites running vulnerable versions. For a site owner, that is a takeover path, not a minor plugin bug: once a rogue admin exists, the attacker can install plugins, edit theme files, inject…
https://blog.gridinsoft.com/wp-maps-pro-cve-2026-8732-admin-takeover/