Cybercrime/malcode – Lifeboat News: The Blog

Max severity RCE flaw discovered in widely used Apache Parquet

Posted by Saúl Morales Rodriguéz in cybercrime/malcode | Leave a Comment on Max severity RCE flaw discovered in widely used Apache Parquet

Apr 4
2025

A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0.

The problem stems from the deserialization of untrusted data that could allow attackers with specially crafted Parquet files to gain control of target systems, exfiltrate or modify data, disrupt services, or introduce dangerous payloads such as ransomware.

The vulnerability is tracked under CVE-2025–30065 and has a CVSS v4 score of 10.0. The flaw was fixed with the release of Apache version 1.15.1.

Read more | >

Hunters International shifts from ransomware to pure data extortion

Posted by Saúl Morales Rodriguéz in cybercrime/malcode, government | Leave a Comment on Hunters International shifts from ransomware to pure data extortion

Apr 4
2025

The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to date theft and extortion-only attacks.

As threat intelligence firm Group-IB revealed this week, the cybercrime group remained active despite announcing on November 17, 2024, that it was shutting down due to declining profitability and increased government scrutiny.

Since then, Hunters International has launched a new extortion-only operation known as “World Leaks” on January 1, 2025.

Read more | >

Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware

Posted by Saúl Morales Rodriguéz in cybercrime/malcode | Leave a Comment on Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware

Apr 4
2025

Ivanti patches CVE-2025–22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.

Read more | >

Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

Posted by Saúl Morales Rodriguéz in cybercrime/malcode | Leave a Comment on Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

Apr 4
2025

Tax-themed phishing hit 2,300 U.S. firms in Feb 2025 using QR codes and fake login pages.

Read more | >

Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware

Posted by Saúl Morales Rodriguéz in cybercrime/malcode, finance | Leave a Comment on Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware

Apr 4
2025

Lazarus Group deploys GolangGhost via fake job interviews using ClickFix, targeting Windows/macOS users with finance roles.

Read more | >

Arlington venture capital firm debuts $32M fund for cybersecurity startups

Posted by Genevieve Klien in cybercrime/malcode, finance | Leave a Comment on Arlington venture capital firm debuts $32M fund for cybersecurity startups

Apr 2
2025

An Arlington-based venture capital firm has announced it will pour $32 million in funding into cybersecurity startups.

Runtime Ventures, based out of Arlington and Austin, Texas, officially announced the capital commitment today (Wednesday).

It has already made 11 investments from the fund so far, supporting seed-stage cybersecurity companies focused on domains including code analysis, fraud protection, threat detection and browser security.

Read more | >

Japan Bolsters Cyber Safeguards, Passes Cyber Defense Bill

Posted by Genevieve Klien in cybercrime/malcode | Leave a Comment on Japan Bolsters Cyber Safeguards, Passes Cyber Defense Bill

Apr 2
2025

The bill will allow Japan to implement safeguards and strategies that have been in use by other countries for some time.

Read more | >

Cancer cells ‘hacked’ to expose themselves to immune attack

Posted by Rx Sobolewski in biotech/medical, cybercrime/malcode | Leave a Comment on Cancer cells ‘hacked’ to expose themselves to immune attack

Apr 2
2025

When your social media account starts spewing out nonsensical or threatening status updates, it’s safe to assume that it has been hacked and must be shut down.

The cells in our body also update their “status” by presenting to their environment small proteins that are constantly being produced inside the cell. Our immune system monitors these statuses and destroys cells that produce unusual proteins. A classic example of this is when a cell is infected by a virus and presents parts of the viral proteins on its surface, which allows the immune system to recognize them and destroy the cell.

In contrast, cancer cells often evade detection by displaying very few suspicious proteins that the immune system can identify and target. A new approach to cancer treatment, developed by researchers from Prof. Yardena Samuels’s lab at the Weizmann Institute of Science, increases the number of the immune system’s targets by disrupting protein production in cancerous cells.

Read more | >