NGate Android malware uses HandyPay NFC app to steal card data
A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version of HandyPay, a legitimate mobile payments processing tool. NGate was originally documented in mid-2024 and steals payment card information through the mobile device’s near-field communication (NFC) chip. The data is sent to the […]
KelpDAO suffers $290 million heist tied to Lazarus hackers
State-sponsored North Korean hackers are likely behind the $290 million crypto-heist that impacted the KelpDAO DeFi project on Saturday. The attack reportedly also impacted the lending protocols Compound, Euler, and Aave, with the latter announcing a freeze and blocking new deposits or borrowing using rsETH as collateral. KelpDAO is a decentralized finance (DeFi) project built around liquid […]
China’s Apple App Store infiltrated by crypto-stealing wallet apps
A set of 26 malicious apps on Apple App Store impersonate popular wallets, such as Metamask, Coinbase, Trust Wallet, and OneKey, to steal recovery or seed phrases and drain them of cryptocurrency assets. The threat actor used multiple methods to imitate official products, including typosquatting and fake branding, to lure users in China into downloading […]
The Gentlemen ransomware now uses SystemBC for bot-powered attacks
A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang affiliate. The Gentlemen ransomware-as-a-service (RaaS) operation emerged around mid-2025 and provides a Go-based locker that can encrypt Windows, Linux, NAS, and BSD systems, and a […]
Seiko USA website defaced as hacker claims customer data theft
The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. Visitors to the “Press Lounge” section of the site were shown a page titled “HACKED,” which replaced normal content with what appeared to be a […]
Microsoft: Teams increasingly abused in helpdesk impersonation attacks
Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks. The hackers impersonate IT or helpdesk staff to contact employees through cross-tenant chats and trick them into providing remote access for data theft purposes. Microsoft has observed multiple intrusions with […]
British Scattered Spider hacker pleads guilty to crypto theft charges
A British man, believed to be the leader of the Scattered Spider cybercrime collective, has pleaded guilty in the United States to charges of wire fraud and aggravated identity theft. In November 2024, U.S. prosecutors accused 24-year-old Tyler Robert Buchanan and four other suspects of stealing at least $8 million in cryptocurrency after hacking at least a dozen companies […]
Microsoft tests Windows Explorer speed, performance improvements
Microsoft is rolling out multiple File Explorer changes to Windows 11 users in the Insider program, including improvements to launch speed and performance. While Microsoft didn’t share how the speed and performance improvements are being implemented, it was testing a new feature in November that preloaded File Explorer in the background to improve launch times and performance. […]
Microsoft pulls service update causing Teams launch failures
Microsoft has reverted a recent service update that was preventing some customers from launching the Microsoft Teams desktop client. Affected users are getting stuck on the loading screen and seeing the “We’re having trouble loading your message. Try refreshing.” error message. On Friday morning, after acknowledging the incident (tracked under TM1283300), Microsoft said the launch failures […]
Microsoft releases emergency updates to fix Windows Server issues
Microsoft has released out-of-band (OOB) updates to fix issues affecting Windows Server systems after installing the April 2026 security updates. As Microsoft confirmed last week, some admins may experience failures when installing the KB5082063 security update on Windows Server 2025 devices. Additionally, this month’s Patch Tuesday cumulative updates are causing some Windows servers with domain controller […]