Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 6

Fake Mac fixes trick users into installing new Shamos infostealer

A new infostealer malware targeting Mac devices, called ‘Shamos,’ is targeting Mac devices in ClickFix attacks that impersonate troubleshooting guides and fixes.

The new malware, which is a variant of the Atomic macOS Stealer (AMOS), was developed by the cybercriminal group “COOKIE SPIDER,” and is used to steal data and credentials stored in web browsers, Keychain items, Apple Notes, and cryptocurrency wallets.

CrowdStrike, which detected Shamos, reports that the malware has attempted infections against over three hundred environments worldwide that they monitor since June 2025.

New Trends in Bio hacking What Works and What Doesn’t

Biohacking shouldn’t feel like a full-time job—or a scam. If you’re tired of chasing every shiny new trend without results to show for it, this session is your reset button. We’ll break down what’s worth your effort, what’s just a fad, and how to build a strategy that actually works for you.

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts.

Noah Michael Urban pleaded guilty to charges related to wire fraud and aggravated identity theft back in April 2025. News of Urban’s sentencing was reported by Bloomberg and Jacksonville news outlet News4JAX.

In addition, 120 months in federal prison, Urban faces an additional three years of supervised release and has been ordered to pay $13 million in restitution to victims. In a statement shared with security journalist Brian Krebs, Urban called the sentence unjust.

North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms

“The attackers leveraged GitHub, typically known as a legitimate developer platform, as a covert command-and-control channel,” Trellix researchers Pham Duy Phuc and Alex Lanstein said.

The infection chains have been observed to rely on trusted cloud storage solutions like Dropbox and Daum Cloud, an online service from South Korean internet conglomerate Kakao Corporation, in order to deliver a variant of an open-source remote access trojan called Xeno RAT that grants the threat actors to take control of compromised systems.

The campaign is assessed to be the work of a North Korean hacking group called Kimsuky, which was recently linked to phishing attacks that employ GitHub as a stager for an Xeno RAT known as MoonPeak. Despite the infrastructure and tactical overlaps, there are indications that the phishing attacks match China-based operatives.

AI learns the language of code to outsmart cyber threats

A software vulnerability checker with the potential to become a repair shop could keep critical computer systems one step ahead.

High-profile cyberattacks, such as the one that compromised British retailer Marks & Spencer’s customer data in April 2025, highlight the need for better ways to detect software vulnerabilities in the computer systems that increasingly control everything, from oil pipelines to hospital records.

To help, an international research team including Khalifa University’s Merouane Debbah, has developed SecureQwen, a smart software checker that automatically detects and flags vulnerabilities for repair. Powered by an AI model trained in the language of computer code, SecureQwen could even identify weaknesses that it had not explicitly been taught or come upon before.

/* */