DOJ Seizes $61 Million Tether Tied to Pig Butchering Scams
The U.S. Department of Justice seized over $61 million in Tether (USDT) linked to pig butchering cryptocurrency scams. Homeland Security Investigations (HSI) in Raleigh traced…
Samsung TVs Stop Data Collection on Texas Users Without Consent
Samsung agreed to halt Automated Content Recognition (ACR) data collection from Texas smart TVs without express user consent. This settlement resolves a lawsuit filed by…
QuickLens Chrome Extension Steals Crypto Wallets in ClickFix Campaign
The QuickLens Chrome extension delivered malware to thousands of users starting February 17, 2026. It used ClickFix attacks and stole cryptocurrency from browsers. Google removed…
Korean Tax Agency Seed Phrase Leak Leads to $4.8M Crypto Theft
South Korea’s National Tax Service lost $4.8 million in seized cryptocurrency assets on February 28, 2026. A public press release exposed the mnemonic recovery phrase…
OpenClaw 0-Click Vulnerability Lets Malicious Sites Hijack AI Agents
A critical zero-click vulnerability in OpenClaw exposes developers to attacks from any malicious website. It allows silent takeover of the AI agent framework without user…
Hackers Abuse .arpa TLD and IPv6 Tunnels to Bypass Phishing Defenses
Phishing campaigns now exploit .arpa top-level domain and IPv6 tunnels to evade detection. Infoblox Threat Intel uncovered attackers creating A records in infrastructure-only .arpa namespace…
Metasploit Framework Update Delivers Critical RCE Modules and Evasion Tools
Metasploit released seven new modules on February 27, 2026 targeting high-value enterprise infrastructure. Penetration testers gain unauthenticated RCE exploits for Ollama AI servers, BeyondTrust appliances,…
Claude Code Vulnerabilities Enable RCE and API Key Theft via Malicious Repos
Claude Code from Anthropic contained critical flaws allowing remote code execution and API key theft through malicious project files. CVE-2025-59536 and CVE-2026-21852 triggered on cloning…
North Korean APT37 Ruby Jumper Campaign Targets Air-Gapped Systems
North Korean APT37 (ScarCruft, Ruby Sleet) deployed Ruby Jumper malware to infect air-gapped networks. The campaign uses five new tools: RESTLEAF, SNAKEDROPPER, THUMBSBD, VIRUSTASK, and…
Microsoft Defender Exposes Trojanized Gaming Tools Delivering RATs and Data Theft
Microsoft Threat Intelligence uncovered a campaign distributing trojanized gaming utilities like Xeno.exe and RobloxPlayerBeta.exe. These files deploy Remote Access Trojans that grant attackers full control…
November 21, 2025
1 comment 
