Cybercrime/malcode – Lifeboat News: The Blog

Nov 10
2025

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

Hackers use fake Booking.com pages and ClickFix tactics to infect hotels with PureRAT and steal data.

Nov 10
2025

2026 Technology and Cybersecurity Predictions

Please see attached a list of predictions for where technology and cybersecurity may transcend in 2026. Thanks for reading and sharing! Chuck Brooks.

Note AI enabled but derived entirely from a wide variety of my own published writings interviews, podcasts, and my book “Inside Cyber”

#2026predictions #tech #artificialintelligence #cybersecurity #quantum | on LinkedIn.

Nov 8
2025

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

AI-created VS Code malware and fake npm packages reveal how attackers exploit open-source trust.

Nov 7
2025

ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More

This week’s ThreatsDay Bulletin covers AI in malware, botnets, GDI flaws, election cyberattacks, and the latest global security threats.

Nov 6
2025

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

Google discovers PROMPTFLUX malware using Gemini AI to rewrite and hide its code for smarter evasion.

Nov 6
2025

Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions

Proofpoint uncovers UNK_SmudgedSerpent, an Iranian-linked group using fake Teams apps to hack U.S. experts.

Nov 5
2025

Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel

Microsoft exposes “SesameOp,” a stealth backdoor abusing OpenAI’s API for secret cyber command control.

Nov 5
2025

Hackers exploit WordPress plugin Post SMTP to hijack admin accounts

Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.

Post SMTP is a popular email delivery solution marketed as a feature-rich and more reliable replacement of the default ‘wp_mail’ function.

On October 11, WordPress security firm Wordfence received a report from researcher ‘netranger’ about an email log disclosure issue that could be leveraged for account takeover attacks.

Nov 5
2025

Apache OpenOffice disputes data breach claims by ransomware gang

The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents.

Apache OpenOffice is a free, open-source office suite that includes word processing, spreadsheets, presentations, graphics, and database tools. It’s compatible with major file formats, such as Word and Excel, and runs on multiple operating systems.

On October 30th, the Akira ransomware gang claimed it had breached Apache OpenOffice and stolen 23 GB of data, including employee and financial information, as well as internal files.

Nov 5
2025

Malicious Android apps on Google Play downloaded 42 million times

Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler.

During the same period, the company observed a 67% year-over-year growth in malware targeting mobile devices, with spyware and banking trojans being a prevalent risk.

Telemetry data shows that threat actors are shifting from traditional card fraud to exploiting mobile payments using phishing, smishing, SIM-swapping, and payment scams.