Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware

A cryptocurrency-stealing malware campaign used inflated GitHub activity, software reviews, YouTube tutorials and favorable VirusTotal comments to make malicious trading and gambling tools appear trustworthy, Check Point researchers found. According to… Continue reading Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware

Malware attacks strip Roblox developers of entire games

Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games on it. Successful games can generate substantial revenue through in-game pur… Continue reading Malware attacks strip Roblox developers of entire games

Another healthcare firm attacked days after Novo Nordisk breach

Medical technology company iRhythm Holdings disclosed a cyberattack involving certain third-party-hosted business applications that resulted in the theft of patient protected health information, proprietary data, and other personal data. The company di… Continue reading Another healthcare firm attacked days after Novo Nordisk breach

Rokarolla Android trojan targets banking and crypto users, enables device takeover

A newly discovered Android banking trojan, dubbed Rokarolla, targets 217 banking and cryptocurrency applications and can execute 137 commands on infected devices, according to researchers at Zimperium. Named after its command-and-control (C2) infrastru… Continue reading Rokarolla Android trojan targets banking and crypto users, enables device takeover

Apple is bringing Hide My Email and Sign in with Apple under one domain

Apple will unify the email domains used by Sign in with Apple and iCloud+ Hide My Email under a shared domain, private.icloud.com, later this summer. Hide My Email is a service included with iCloud+, Apple’s subscription service. It allows users … Continue reading Apple is bringing Hide My Email and Sign in with Apple under one domain

Cybercriminals mask malicious communications through Microsoft Teams relays

The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec. DragonForce is a ransomwa… Continue reading Cybercriminals mask malicious communications through Microsoft Teams relays

Crypto scammers are sending couriers to victims’ homes to collect cash

Scammers behind cryptocurrency investment schemes are dispatching couriers to pick up cash from victims in person, the FBI warns. According to the agency, scammers usually approach victims through social media, text messages, or fake investment persona… Continue reading Crypto scammers are sending couriers to victims’ homes to collect cash

Planning a trip? Fake travel sites are multiplying this summer

Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, according to Check Point. (Source: Check Point) “The sector has more than dou… Continue reading Planning a trip? Fake travel sites are multiplying this summer

Chinese hackers breached North American research institutions via REDCap servers

A China-linked cyber espionage operation targeted North American medical research institutions through compromised REDCap servers, using custom malware to gain persistent access and collect sensitive information, Google’s Threat Intelligence Grou… Continue reading Chinese hackers breached North American research institutions via REDCap servers