
CISA exposes malware kits deployed in Ivanti EPMM attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).

The flaws are an authentication bypass in EPMM’s API component (CVE-2025-4427) and a code injection vulnerability (CVE-2025-4428) that allows execution of arbitrary code.

The two vulnerabilities affect the following Ivanti EPMM development branches and their earlier releases: 11.12.0.4, 12.3.0.1, 12.4.0.1, and 12.5.0.0.

Physicists create new electrically controlled silicon-based quantum device

A team of scientists at Simon Fraser University’s Quantum Technology Lab and leading Canada-based quantum company Photonic Inc. have created a new type of silicon-based quantum device controlled both optically and electrically, marking the latest breakthrough in the global quantum computing race.

The research, published in the journal Nature Photonics, reveals new diode nanocavity devices for electrical control over silicon color center qubits.

The devices have achieved the first-ever demonstration of an electrically-injected single-photon source in silicon. The breakthrough clears another hurdle toward building a quantum computer—which has enormous potential to provide computing power well beyond that of today’s supercomputers and advance fields like chemistry, materials science, medicine and cybersecurity.

Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service

Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials.

In early September 2025, in coordination with Cloudflare’s Cloudforce One and Trust and Safety teams, Microsoft’s Digital Crimes Unit (DCU) disrupted the cybercrime operation by seizing 338 websites and Worker accounts linked to RaccoonO365.

The cybercrime group behind this service (also tracked by Microsoft as Storm-2246) has stolen at least 5,000 Microsoft credentials from 94 countries since at least July 2024, using RaccoonO365 phishing kits that bundled CAPTCHA pages and anti-bot techniques to appear legitimate and evade analysis.

Google nukes 224 Android malware apps behind massive ad fraud campaign

A massive Android ad fraud operation dubbed “SlopAds” was disrupted after 224 malicious applications on Google Play were used to generate 2.3 billion ad requests per day.

The ad fraud campaign was discovered by HUMAN’s Satori Threat Intelligence team, which reported that the apps were downloaded over 38 million times and employed obfuscation and steganography to conceal the malicious behavior from Google and security tools.

The campaign was worldwide, with users installing the apps from 228 countries and territories, and SlopAds traffic accounting for 2.3 billion bid requests every day. The highest concentration of ad impressions originated from the United States (30%), followed by India (10%) and Brazil (7%).
