Password managers are under threat in 2025. What the LastPass breach taught us
Back in August 2022, password manager LastPass suffered a massive breach. A still-unknown cyber criminal successfully targeted one of LastPass’ four DevOps engineers who had access to the decryption keys for the cloud storage service. Using the engineer’s stolen credentials, the hacker was able to infiltrate LastPass’ systems undetected. This breach lasted for months and continued even after LastPass believed the threat had been contained.
Phishing platform ‘Lucid’ behind wave of iOS, Android SMS attacks
A phishing-as-a-service (PhaaS) platform named ‘Lucid’ has been targeting 169 entities in 88 countries using well-crafted messages sent on iMessage (iOS) and RCS (Android). Lucid, which has been operated by Chinese cybercriminals known as the ‘XinXin group’ since mid-2023, is sold to other threat actors via a subscription-based model that gives them access to over 1,000 phishing domains, tailored auto-generated phishing sites, and pro-grade spamming tools. Prodaft researchers note that XinXin has also been using the Darcula v3 platform for its operations, which indicates a potential connection between the two PhaaS platforms.
Top cybersecurity boffin, wife vanish as FBI raids homes
A tenured computer security professor at Indiana University and his university-employed wife have not been seen publicly since federal agents raided their homes late last week. On Friday, the FBI with help from the cops searched two properties in Bloomington and Carmel, Indiana, belonging to Xiaofeng Wang, a professor at the Indiana Luddy School of Informatics, Computing, and Engineering – who’s been with the American university for more than 20 years – and Nianli Ma, a lead library systems analyst and programmer also at the university.
Crimelords at Hunters International tell lackeys ransomware too ‘risky’
Big-game ransomware crew Hunters International says its criminal undertaking has become “unpromising, low-converting, and extremely risky,” and it is mulling shifting tactics amid an apparent rebrand. This is according to researchers at Group-IB, who believe a spinoff – which will focus on extortion involving purely the theft of data – is under formation by the gang’s senior personnel. They think, however, the old group is still currently operating. Victims of Hunters International include Tata Technologies, a plastic surgeon with an office in Beverly Hills, and Industrial and Commercial Bank of China’s London HQ.
Hackers Exploit Microsoft Teams in Multi-Stage AI Cyberattack
Cybercriminals are getting smarter, and their latest attack leverages Microsoft Teams and remote access tools to infiltrate enterprise networks. Discovered by Ontinue researchers, this multi-stage cyberattack uses social engineering and stealthy techniques to bypass security defenses, making it a serious threat to organizations worldwide. According to a new report from the Ontinue Cyber Defence Centre, the attack starts with a Microsoft Teams message delivering a malicious PowerShell payload. The attacker then gains initial access using Microsoft Quick Assist before deploying a signed TeamViewer binary along with a malicious DLL named “TV.dll.” These signed binaries help the hacker bypass endpoint detection and response (EDR) solutions, making the attack even harder to detect.