Secure Bulletin Navigating the cyber sea with knowledge
Home > Categoria > Cybercrime
Latest news

UNC3753 (Luna Moth) Escalates Campaign Against US Law Firms: Vishing, RMM Tools, and Now Physical Intrusion

10 June 2026  |  dark6  |  Cybercrime

Google Cloud Mandiant has documented a sustained UNC3753 (Luna Moth) campaign targeting US law firms from January–May 2026. The group uses vishing calls and RMM tools to exfiltrate...

>> read more

Meet Pink: The New Extortion Group Using Vishing and Microsoft 365 Tools to Drain Enterprise Cloud Storage

10 June 2026  |  dark6  |  Cybercrime

A new extortion group called Pink (CL-CRI-1147) has emerged, targeting enterprise organizations through voice phishing to steal Microsoft 365 credentials and cloud files. With ties to the Com...

>> read more

China-Linked OP-512 Uses Cryptographically Unique Web Shells in Patient IIS Server Espionage Campaign

9 June 2026  |  dark6  |  Cybercrime

ReliaQuest has uncovered OP-512, a new China-linked threat cluster targeting IIS servers with a custom web shell framework that generates cryptographically unique signatures per deployment, evading traditional detection....

>> read more

Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens — No Patch Coming

8 June 2026  |  dark6  |  Cybercrime

Researchers at Mitiga Labs demonstrated a five-step npm supply chain attack that rewrites ~/.claude.json to redirect Claude Code MCP traffic through attacker-controlled infrastructure, silently capturing OAuth tokens for...

>> read more

Iran-Linked Black Shadow Group Obliterates IT, Backups and Recovery Systems Across US and Middle East

5 June 2026  |  dark6  |  Cybercrime

Operating under the cover name Ababil of Minab, Iran-linked APT group Black Shadow launched a wave of destructive attacks against US transit agencies, Israeli firms, and Middle East...

>> read more

Threat Actors Use AI Agents and Cursor IDE to Automate Active Directory Attacks and Beat EDR

4 June 2026  |  dark6  |  Cybercrime

Sophos has uncovered a Russian-speaking threat actor using AI-assisted tools, Cobalt Strike, and a purpose-built automated lab to develop EDR bypass malware targeting Active Directory environments — with...

>> read more

Critical Supply Chain Attack: 31 Red Hat Cloud Services npm Packages Backdoored to Steal Cloud and Dev Credentials

2 June 2026  |  dark6  |  Cybercrime

A sophisticated supply chain attack dubbed "Miasma: The Spreading Blight" has backdoored over 30 official @redhat-cloud-services npm packages, deploying credential-stealing malware that targets AWS, Azure, GCP secrets, GitHub...

>> read more

Massive Supply Chain Attack: Poisoned VS Code Extension and “Megalodon” Campaign Steal Credentials from Millions of Developers

1 June 2026  |  dark6  |  Cybercrime

Two coordinated supply chain attacks poisoned the Nx Console VS Code extension (2.2M installs) and backdoored 5,561 GitHub repositories simultaneously, stealing cloud credentials and 3,800 internal GitHub source...

>> read more