A massive ad fraud operation known as Konfety is using over 250 Google Play decoy apps to hide malicious twins. The campaign leverages a mobile advertising SDK linked to a Russia-based ad network named CaramelAds.

Kaspersky, the Russian cybersecurity vendor, is winding down its operations in the US due to a Commerce Department decision prohibiting the sale of its products and services in the country.

Hacktivist groups are targeting Romania amidst geopolitical tensions, with increased DDoS attacks observed by security researchers. These attacks involve CyberDragon and the Cyber Army of Russia.

Tether has frozen $29 million of cryptocurrency linked to a Cambodian marketplace accused of supporting scams. Tether confirmed the freeze, citing concerns about fraudulent and criminal activities.

Researchers have uncovered a well-established cybercriminal ecosystem connected to a Telegram bot, with over 90,000 Arabic messages dating back to 2022, enabling a sophisticated network offering social media manipulation and financial theft services.

Real-world attacks have been observed where attackers target the Kubelet API to steal secrets and gain control over clusters. Various techniques, such as environment discovery, network scanning, and secrets collection, have been utilized by hackers.

BadPack is an APK file intentionally packaged in a malicious way. In most cases, this means an attacker has maliciously altered header information used in the compressed file format for APK files.

In a recent phishing attempt, Cofense researchers spotted an email disguised as a communication from a company’s HR department, prompting recipients to review an updated employee handbook.

The threat actors take out ads for Windows themes, free game downloads, and software cracks for apps like Photoshop and Microsoft Office. These ads are shared through new or hijacked Facebook business pages.

The vulnerability, CVE-2024-38112, was observed by Trend Micro in May 2024, being exploited as part of a multi-stage attack chain using internet shortcut files. The campaign has been active throughout 2024.