Cybercrime/malcode – Lifeboat News: The Blog

Sep 28
2025

Paper information

🌍 Exciting News! 🌍

Our research team is honored to have two papers accepted at the International Astronautical Congress (IAC) 2025 in Sydney 🇦🇺. Both sessions are scheduled for October 2nd, 2025:

📄 Hybrid GEO–LEO Satellite Network for Multi-Service 5G/6G NTN Connectivity in Australia 🕙 10:15 AM | Room C4.

📄 Leveraging GEO Satellite Virtualization for Enhanced Real-Time Security in Hybrid Satellite Networks 🕜 1:30 PM | Interactive Poster B2.

Although I won’t be able to attend in person, my co-author @Muãwia Tirmizëy will be there to present on behalf of our team.

You can find more details in my LinkedIn announcement here: 👉 [ https://www.linkedin.com/feed/update/urn: li: li:

We’re looking forward to contributing to the global conversation on multi-orbit networks, 5G/6G NTN, and secure satellite connectivity. 🚀

Continue reading “Paper information” | >

Sep 27
2025

New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module

XCSSET macOS malware adds clipboard hijacking, Firefox data theft, and new persistence methods, Microsoft warns.

Sep 27
2025

Researchers Expose Phishing Threats Distributing CountLoader and PureRAT

SVG phishing emails drop CountLoader to deploy Amatera Stealer and PureMiner in Ukrainian government attack.

Sep 27
2025

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

Russian APT COLDRIVER launches ClickFix attacks with BAITSWITCH and SIMPLEFIX malware; BO Team and Bearlyfy target Russia.

Sep 27
2025

The hidden cyber risks of deploying generative AI

Generative AI can boost productivity—but without safeguards, it also opens the door to phishing, fraud & model manipulation. Learn more from Acronis TRU on why AI security must be built in from the start.

Sep 27
2025

Microsoft Edge to block malicious sideloaded extensions

Microsoft is planning to introduce a new Edge security feature that will protect users against malicious extensions sideloaded into the web browser.

Edge enables developers to install extensions locally (also known as sideloading) for testing purposes before publishing them to the Microsoft Edge Add-ons store by toggling the “Developer Mode” option on the Extensions management page and clicking the “Load unpacked” button.

However, users can also sideload third-party extensions that aren’t distributed through official channels and aren’t scanned for malware.

Sep 26
2025

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

Cisco ASA zero-day attacks used RayInitiator bootkit and LINE VIPER malware to breach end-of-support firewalls.

Sep 26
2025

Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network

Vane Viper drives 1 trillion DNS queries yearly using 60,000 domains to spread malware and ad fraud.

Sep 26
2025

Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs

Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms.

XCSSET is a modular macOS malware that acts as an infostealer and cryptocurrency stealer, stealing Notes, cryptocurrency wallets, and browser data from infected devices. The malware spreads by searching for and infecting other Xcode projects found on the device, so that the malware is executed when the project is built.

“The XCSSET malware is designed to infect Xcode projects, typically used by software developers, and run while an Xcode project is being built,” explains Microsoft.

Sep 25
2025

Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

RedNovember, a Chinese state-backed group, hacked global sectors using Pantegana and Cobalt Strike.