-
New York, USA, 4th March 2026, CyberNewswire
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Mar. 4, 2026– Read the full story in Finextra
It is estimated that one third to a half of North Korea’s budget comes from cyberfraud and extortion. Finextra reports that most of these crimes are aimed at the financial services industry, including banks, crypto exchanges, and payments providers.
Cybercrime is one of the most serious, underdiscussed issues of our age. The money siphoned out of financial systems each year by bad actors is a value twice the size of Germany’s GDP, according to Cybersecurity Ventures: around $10 trillion in 2025, and If an economy, it would be the third largest in the world.
North Korea has a turbulent history, and its isolated economy — and several weapons programmes — are propped up by the spoils of cyberattacks. Through years of practice, the rogue state has become exquisitely advanced in digital warfare — funding highly organised rings of hackers to siphon money from large, multi-national companies, high-net worth earners, financial institutions (FIs), governments, and even vulnerable individuals.
For years, its economy has been contracting — labouring under resource shortages, outdated infrastructure, and energy problems. In 2024, however, this picture began to shift and North Korea’s economy grew by around 4 percent its fastest in eight years.
One of North Korea’s long-term, most reliable incomes, is delivered by cybercrime — i.e., any illegal activity involving computers, the internet, or network devices. In North Korea’s case, the state sponsors activities like identity theft, phishing scams, and numerous other digital attacks, which siphon money from the financial systems of its adversaries.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
The post Examining North Korea’s Cybercrime Economy appeared first on Cybercrime Magazine.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google said it identified a “new and powerful” exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It’s not effective against the latest version of iOS. The findings were first reported by WIRED. “The
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Qualcomm chipset vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on March 3, 2026, confirming active exploitation in the wild. The flaw, tracked as CVE-2026-21385, affects multiple Qualcomm chipsets and introduces a serious memory corruption risk that attackers can leverage to compromise affected devices. Vulnerability […]
The post CISA Warns Qualcomm Chipsets Memory Corruption Vulnerability Is Actively Exploited in Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Iran‑nexus APT group “Dust Specter” is targeting Iraqi government officials with AI‑assisted custom .NET malware, using dual attack chains that blend DLL sideloading, in‑memory PowerShell, and ClickFix‑style lures. In January 2026, Zscaler ThreatLabz tracked a new campaign against Iraqi officials in which the actor impersonated Iraq’s Ministry of Foreign Affairs and abused compromised government infrastructure […]
The post Iran‑Linked “Dust Specter” APT Deploys AI‑Aided Malware Against Iraqi Officials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Phishing drives about 90% of cyberattacks in 2026, using tactics like encrypted flows, QR code scams, and trusted cloud platforms to steal credentials.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Zero Science Lab have disclosed a critical vulnerability in Honeywell’s Trend IQ4xx series of Building Management System (BMS) controllers, revealing that the devices expose their full web-based Human-Machine Interface (HMI) without any authentication in their factory-default configuration. The advisory, tracked as ZSL-2026-5979, was publicly released on March 2, 2026, after months of […]
The post Honeywell Controllers Widely Exposed Without Authentication appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cyberattacks are shifting from “breaking in” to simply “logging in,” with AI now automating high-speed operations that overwhelm human defenders. Cloudforce One describes MOE as a cold ratio of effort to operational outcome, and modern threat actors are optimizing every stage of their campaigns around it. Instead of burning expensive zero-days, attackers prefer cheap, scalable […]
The post New Threat Report: AI Accelerates High-Velocity Cyber Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New research from IMDEA Networks reveals how unencrypted signals from tyre pressure sensors in brands like Toyota and Mercedes can be used for covert vehicle tracking. Learn how these low-cost systems can map out your daily routines and why current regulations fail to protect driver privacy.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Zenity Labs disclosed a critical flaw in Perplexity’s Comet “agentic” browser that allowed attackers to steal local files using a malicious Google Calendar invite. The issue, dubbed PerplexedBrowser and grouped under Zenity’s “PleaseFix” family, affected Comet on macOS, Windows, and Android and was rated P1 (critical) in Bugcrowd. The attack required no […]
The post Perplexity’s Comet Browser Breached Through Calendar Invite Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
