Breaking Cyber News From Cyberint
Breaking news feed of the latest cyber incidents, breaches, vulnerabilities, malware, ransomware and so much more.
Jun 03, 2025
Exploiting AI: The Rise of Fake Installers and Ransomware
A new cybersecurity threat involves fake installers for popular AI tools like ChatGPT and InVideo AI, which are being used to distribute various ransomware families, including Cyberlock and Lucky_gh0$t, as well as a destructive malware called Numero. These fake installers are promoted through SEO poisoning and lure users with claims of free access, only to deploy malicious software that encrypts files and demands hefty ransoms. The threat actors behind this campaign are targeting individuals and organizations in the B2B sales and marketing sectors, and their tactics include using legitimate-sounding filenames and exploiting popular AI tools to gain trust. The campaign has been linked to a threat cluster with a Vietnam nexus, indicating a sophisticated and ongoing operation.