
Research led by the Chiba Cancer Center Research Institute in Japan has discovered a surprising way cancer evades the immune system. It essentially hacks the immune cells, transferring its own faulty mitochondrial DNA (mtDNA) into the T-cells meant to attack it.

This sneaky move weakens the immune cells, making them less effective at stopping the tumor. The findings could help explain why some cancer treatments, like immunotherapy, are effective for some patients but not others.

In the study, “Immune evasion through mitochondrial transfer in the ,” published in Nature, the multi-group collaboration looked at how cancer cells interact with tumor-infiltrating lymphocytes, a type of T-cell that typically fights tumors. The research is also featured in a News and Views piece.

Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer.

“The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world,” Leandro Fróes, senior threat research engineer at Netskope Threat Labs, said in a report shared with The Hacker News.

“The campaign also spans multiple industries, including healthcare, banking, and marketing, with the telecom industry having the highest number of organizations targeted.”

Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading the Lumma Stealer malware.

On the fake pages, the threat actor is abusing the Reddit brand by showing a fake discussion thread on a specific topic. The thread creator asks for help to download a specific tool, another user offers to help by uploading it to WeTransfer and sharing the link, and a third thanks him, all to make everything appear legitimate.

Unsuspecting victims clicking on the link are taken to a fake WeTransfer site that mimics the interface of the popular file-sharing service. The ‘Download’ button leads to the Lumma Stealer payload hosted on “weighcobbweo[.]top.”

Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks.

According to QiAnXin XLab, the attacks have leveraged the security flaw since June 2024. Additional details about the shortcomings have been withheld to prevent further abuse.

Some of the other flaws weaponized by the distributed denial-of-service (DDoS) botnet include CVE-2013-3307, CVE-2016-20016, CVE-2017-5259, CVE-2018-14558, CVE-2020-25499, CVE-2020-8515, CVE-2022-3573, CVE-2022-40005, CVE-2022-44149, CVE-2023-28771, as well as those impacting AVTECH IP cameras, LILIN DVRs, and Shenzhen TVT devices.

Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into running PowerShell code that infects them with malware.

The attack, spotted by vx-underground, is a new variant of the “Click-Fix” tactic that has become very popular among threat actors to distribute malware over the past year.

However, instead of being fixes for common errors, this variant pretends to be a captcha or verification system that users must run to join the channel.

The campaign is unique for its focus on the Chinese-speaking demographic and the use of software-related lures to activate the attack chain.

“Equally striking is the attackers’ sophisticated use of legitimate software as a delivery mechanism for malware, seamlessly blending malicious activities with seemingly benign applications,” Fishbein said.

“The adaptability of the PNGPlug loader further elevates the threat, as its modular design allows it to be tailored for multiple campaigns.”