-
ReversingLabs has discovered a fresh wave of the graphalgo campaign in which North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockchain, and using GitHub typo-squatting to target developers with malware.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
More countries want to develop military spaceplanes and “bodyguard satellites," like those of the United States and China, to protect orbital assets against growing threats, according to a new report.
Last year alone, France’s direction générale de l'armement, Germany’s Federal Ministry of Defence, Japan’s Ministry of Defense, and the Indian Space Research Organisation have all either tested components, defined strategy, or made sales pitches for space vehicles, according to “Global Counterspace Capabilities,” released this week by the Secure World Foundation.
“We’re seeing everyone wants a spaceplane,” said Victoria Samson, the organization’s chief director of space security and stability. “India is continuing to work on it; French government officials have spoken quite glowingly about this; the Germans are extremely enthusiastic.”
Yet it’s not clear what the secretive vehicles are meant to do. The U.S. X-37B Orbital Test Vehicle has flown eight highly classified missions since 2010, and Russia and China have speculated that it is “some sort of orbital bomber or secret weapons testing platform,” the report said. Even less is known about the Chinese Reusable Experimental Spacecraft, which made the first of its four known flights in 2020.
Other nations are publicly pitching planned spaceplanes of their own.
French Gen. Philippe Koffi, the DGA’s strategic lead for air, land and naval combat, said in September that a spaceplane could “recover critical assets, conduct reconnaissance, and intervene against threats in orbit.” That was three months after Paris-based Dassault Aviation announced an agreement with DGA to develop a demonstrator spacecraft called VORTEX with plans for a first flight in 2028.
France is also planning to demonstrate its own patrol-guard satellites through several concepts, including one known as YODA.
“The YODA program is also framed as an early technology demonstrator program of later and bigger versions of inspector satellites that would be able to protect French military satellites by 2030,” the Secure World Foundation’s report states.
In November, Germany’s Federal Ministry of Defence released its own Space Safety and Security Strategy, which called for building “highly agile low-signal surveillance and bodyguard satellites and reusable spaceplanes.” Earlier in the year, Maj. Gen. Michael Traut, the head of German Space Command, laid out a need for satellites that could protect or even inspect other assets.
“What if we could launch or have some nice little satellites up there, which are agile and go after some satellites which we feel need to be inspected–some sort of space police?” he told Aviation Week.
India has been working for at least three years on a design for its own spaceplane, which “looks very similar to the US’ X-37B and China’s Reusable Experimental Spacecraft,” the Secure World Foundation’s report said. In 2024, India was testing Pushpak, a 21-foot-long prototype, for autonomous landings. Last April, India opened a facility to test Pushpak landing gear.
“While the program has been described as developing technologies for a reusable launch vehicle and not as a counterspace capability, the possibility has been raised that the spaceplane could spend up to a month in space, conducting experiments and releasing payloads; if it does eventually develop that capability, then it may have a latent counterspace capacity,” the report said.
In September, the Indian government said it wanted to develop its own “bodyguard” satellites after a close call with a neighboring countries orbital assets in 2024.
Similarly, this past year, Japan’s Ministry of Defense debuted a program to develop “bodyguard satellites” to protect its space assets with plans to build and test a capability by 2029.
In recent years, China has launched satellites equipped with robotic arms and other means to monitor or interfere with orbital assets, the report said.
The U.S. military has not said whether it has bodyguard satellites of its own.
Last year, the Space Force’s X-37B launched for its eighth mission to test quantum sensors and laser-based communications with commercial satellites. Lt. Gen. Gregory Gagnon, the head of Space Force Combat Command, told reporters at the Air and Space Force Association's conference in Colorado earlier this year that China is trying to keep up the pace with its own reusable spacecraft.
“That's the most advanced spaceplane in the world,” Gagnon said. “It's not the only spaceplane in the world. The Chinese are on sortie four for their spaceplane. We're on sortie eight. So, what I try to remind everyone is, even though we're running fast, there's someone else on the track running just as fast.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing adversary-in-the-middle (AiTM) session hijacking to steal employee salaries in a new “payroll pirate” campaign tracked by Microsoft as Storm-2755 and targeting Canadian users. By hijacking live Microsoft 365 sessions, the group redirects payroll deposits to attacker-controlled bank accounts while bypassing multifactor authentication (MFA) and blending in with normal user activity. The group’s […]
The post Storm-2755 Uses AiTM Hijacking to Divert Employee Salaries appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed vulnerability in the widely used Android library EngageSDK has raised serious concerns across the cryptocurrency ecosystem, potentially exposing millions of users to data theft and unauthorized access. Security researchers identified a critical “intent redirection” vulnerability in EngageSDK, a third-party Android SDK commonly used for push notifications and in-app messaging. The issue allows […]
The post EngageSDK Vulnerability puts millions of crypto wallets at risk appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that’s designed to stealthily infect all integrated development environments (IDEs) on a developer’s machine. The technique has been discovered in an Open VSX extension named “specstudio.code-wakatime-activity-tracker,” which masquerades as WakaTime, a
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code. Tracked as CVE-2025-59145 with a critical CVSS score of 9.6, this vulnerability required no malicious code execution. Instead, hackers used a clever prompt injection technique known as “CamoLeak.” A security researcher publicly disclosed […]
The post Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Apr. 10, 2026– Read the full story in BusinessWorld
Cybercrime operates like a legitimate, profit-driven economy, writes Subhalakshmi Ganapathy, chief IT security evangelist at ManageEngine, in a BusinessWorld article. Organized groups mirror corporate structures and have specialized roles such as research and development, marketing, and customer support. As a result, cyberattacks are more scalable, efficient, and accessible than ever, transforming the threat landscape for businesses.
An example of this transformation is the rise of subscription-style cybercrime offerings such as ransomware-as-a-service (RaaS). The ready-made attack tools sold on underground marketplaces offer structured pricing tiers, user dashboards, and technical support that have effectively lowered the traditional entry barriers confronting budding cybercriminals.
While individuals with limited technical expertise can purchase exploit kits, stolen data, or phishing services to immediately launch attacks, the developers of these tools relentlessly refine their products, similar to legitimate technology companies.
This growing industrialization was predicted to drive global cybercrime losses to around $10.5 trillion annually by 2025 (and $12.2 trillion annually by 2031) according to Cybersecurity Ventures. Meanwhile, Deloitte’s Center for Financial Services estimates that synthetic identity fraud alone could generate global losses of at least $23 billion by 2030.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
The post Cybercrime Is An Industrialized Economy appeared first on Cybercrime Magazine.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensitive data.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are exploiting the massive hype around BTS’s return to the global stage by launching a wave of fake ticketing websites targeting fans across multiple countries. The K-pop group recently reunited after nearly four years, during which members completed mandatory military service in South Korea. Their upcoming “ARIRANG” world tour has triggered overwhelming demand and […]
The post Fake BTS Tour Ticket Scams Target Fans Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there’s a wide-open window nobody’s guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI threat surface in your network that isn’t on anyone’s
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
