The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering.
This week’s findings show how that shrinking margin of safety is redrawing the threat landscape. Here’s what’s making headlines.
Hijack Loader expands its reach in Latin America
Phishing emails with SVG file attachments, themed around the Attorney General’s office of Colombia and aimed at Spanish-speaking individuals in Colombia, have been used to deliver PureHVNC RAT. “The emails entice the user to download an ‘official document’ from the judicial information system, which starts the infection chain of executing a Hijack Loader executable that leads to the PureHVNC Remote Access Trojan (RAT),” IBM X-Force said. The activity was observed between August and October 2025. The findings are notable because this is the first time Hijack Loader has been used in campaigns targeting the region, and because the loader is being used to distribute PureHVNC.
Insider sells U.S. cyber weapons to Russia for crypto
Peter Williams, 39, an Australian national, pleaded guilty in the U.S. in connection with selling his employer’s trade secrets to a Russian cyber-tools broker. Williams pleaded guilty to two counts of theft of trade secrets, which were stolen from U.S. defense contractor L3Harris Trenchant between 2022 and 2025. The stolen material was national-security-focused software comprising at least eight sensitive and protected cyber-exploit components that were meant to be sold exclusively to the U.S. government and select allies. “Williams sold the trade secrets to a Russian cyber-tools broker that publicly advertises itself as a reseller of cyber exploits to various customers, including the Russian government,” the U.S. Department of Justice said. The defendant received payment in cryptocurrency from the sale of software exploits and used the illicit proceeds to buy luxury watches and other items. Charges against Williams came to light last week. While the name of the exploit broker was not disclosed, evidence points to Operation Zero, which has previously offered up to $4 million for Telegram exploits and $20 million for tools that could be used to break into Android and iPhone devices. Operation Zero advertises itself as the “only Russian-based zero-day vulnerability purchase platform.” Earlier this August, another startup, the United Arab Emirates-based Advanced Security Solutions, also announced rewards of up to $20 million for hacking tools that could help governments break into any smartphone with a text message.
Spoofed calls drive global fraud epidemic
Europol has highlighted the urgent need for a coordinated, multi-faceted approach to mitigate cross-border caller…
