Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks

Threat Score:
51
The Hacker News
7 days ago

Overview

Cybersecurity researchers have discovered a new, large-scale mobile malware campaign that's targeting Android and iOS platforms with fake dating, social networking, cloud storage, and car service apps to steal sensitive personal data. The cross-platform threat has been codenamed SarangTrap by Zimperium zLabs. Users in South Korea appear to be the primary focus. "This extensive campaign involved over 250 malicious Android applications and more than 80 malicious domains, all disguised as legitimat...

Related Articles

5 articles
1

Trend Micro Apex One Hit by Actively Exploited RCE Vulnerability

GB Hackers 1 hour ago

Trend Micro Apex One Hit by Actively Exploited RCE Vulnerability Trend Micro has issued an urgent security bulletin warning customers of critical remote code execution vulnerabilities in its Apex One on-premise management console that are being actively exploited by attackers in the wild. The cybersecurity company disclosed twocommand injectionflaws on August 5, 2025, both carrying a maximum CVSS score of 9.4, indicating the severity of the threat to enterprise networks worldwide. Critical Vulne

Score
87
Read more
3

Cyware unveils open-source MCP Server to power AI-driven cyber defense

Feeds2 1 hour ago

Cyware unveils open-source MCP Server to power AI-driven cyber defense Cywarehas released Cyware MCP Server (Model Context Protocol Server) to advance the future of AI-powered cyber defense. The new open-source capability is purpose-built to enable generative AI-native workflows, allowing seamless integration between Cyware’s threat intelligence; security automation platforms and large language models (LLMs). “Cyware MCP Server exposes our Agentic AI components to AI Assistants enabling access t

Score
82
Read more
4

CISA Warns of D-Link Vulnerabilities Actively Exploited in Attacks

Cybersecurity News 7 hours ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert, adding three vulnerabilities affecting D-Link devices to its Known Exploited Vulnerabilities (KEV) Catalog. The inclusion of these flaws in the catalog signifies that they are being actively exploited by malicious cyber actors in real-world attacks, posing a significant threat to networks. The […]

Score
82
Read more
5

DefCamp Capture the Flag (D-CTF) 2025 Quals

Ctftime 48 minutes ago

Name: DefCamp Capture the Flag (D-CTF) 2025 Quals (an Defcamp CTF Qualification event.) Date: Sept. 12, 2025, 10 a.m. — 14 Sept. 2025, 10:00 UTC   [add to calendar] Format: Jeopardy On-line Offical URL: Rating weight: 0.00 Event organizers: CCSIR.org

Score
81
Read more