⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

Cyber threats are increasingly complex and layered, and often stay hidden until they cause damage, which underscores the need for proactive detection and focused analysis. Recent developments include takedowns of malware infrastructure such as Lumma Stealer and DanaBot, and new exploitation techniques such as AI-generated videos and malicious Chrome extensions. #DanaBotDisruption #TikTokMalware #APT28 #ChromeExtensions #StarkIndustries

Key points

  • Law enforcement disrupted DanaBot and Lumma Stealer activities, seizing thousands of command-and-control domains.
  • Threat actors are leveraging TikTok and AI-generated videos to distribute banking malware like Vidar and StealC, exploiting social media trends.
  • Russian-backed APT28 continues targeting Western logistics and tech companies for cyber-espionage campaigns.
  • China-linked group UNC5221 exploits Ivanti EPMM flaws to infect enterprise mobile devices with persistent payloads.
  • Malicious Chrome extensions masquerading as legitimate tools have been used to exfiltrate data and hijack user sessions.

Read More: https://thehackernews.com/2025/05/weekly-recap-apt-campaigns-browser.html