A sophisticated cybercriminal group known as Mimo (also referred to as "Mimo’lette" or "Hezb") has rapidly escalated its operations, targeting Magento e-commerce websites in a new wave of attacks aimed at both financial data theft and illicit profit through system hijacking.
Platform Expansion: Craft to Magento
Previously recognized...
AhnLab Security Intelligence Center (ASEC) has uncovered a sophisticated cyberattack campaign leveraging weaponized shortcut (LNK) files, cleverly disguised as credit card security notifications.
The malicious file, named card_detail_20250610.html.lnk, masquerades as an official HTML pop-up for email authentication, targeting unsuspecting banking customers and prompting them to...
The Node.js ecosystem faced a critical supply chain attack this week as several popular npm packages, including eslint-config-prettier and eslint-plugin-prettier were compromised through a coordinated phishing campaign.
The breach highlights growing concerns about the security of open-source maintainers. It highlights the ease with which credentials can be...
Despite a sweeping global law enforcement crackdown in May that resulted in the takedown of over 2,300 malicious domains linked to the notorious Lumma Stealer, new evidence confirms that the malware has reemerged and is more dangerous than ever.
Security researchers report a bounce-back...
A newly uncovered variant of the persistent macOS.ZuRu malware has been detected in the wild, exploiting a compromised version of the popular Termius SSH client.
This sophisticated campaign, targeting developers and IT professionals since late May 2025, utilizes advanced evasion tactics to establish remote...
In a significant evolution of cybercrime tactics, Akamai researchers have unveiled that the notorious Coyote banking trojan is now abusing Microsoft’s UI Automation (UIA) framework to harvest credentials from Brazilian banking and cryptocurrency users.
This marks the first time in-the-wild malware has been definitively...