Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode

Surging Investments in AI Are Transforming Cybersecurity

Kindly see my recent Forbes article: “”

Thanks and have a great weekend!

#artificialintelligence #cybersecurity #tech #investments #futuretrends

AI is transforming cybersecurity, and investments are following in close concert with those trends. AI systems seek to replicate human traits and computational capabilities in a machine and surpass human limitations and speed. Elements of AI emergence consist of machine learning and natural language processing. Today, AI can understand, diagnose, and solve problems from both structured and unstructured data—and in some cases, without being specifically programmed.

AI is becoming integral in cybersecurity, and companies are logically investing in AI-based defenses against cyberattacks, and the demand for them is expected to grow in the next few years. AI offers a logical collection of tools and the best chance for defenders that work in an environment characterized by an uneven threat level and are already short on workforce and money. The demand for AI is growing due to expanded risks and threats to enterprises.

This is unambiguous evidence that AI is becoming increasingly important in cybersecurity, and organizations must capitalize on its potential to remain competitive.

Continue reading “Surging Investments in AI Are Transforming Cybersecurity” | >

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk.

“This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control over millions of developer machines,” Koi Security researcher Oren Yomtov said. “By exploiting a CI issue a malicious actor could publish malicious updates to every extension on Open VSX.”

Following responsible disclosure on May 4, 2025, multiple rounds of fixes were proposed by the maintainers, before a final patch was deployed on June 25.

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

“The list of threats that ClickFix attacks lead to is growing by the day, including infostealers, ransomware, remote access trojans, cryptominers, post-exploitation tools, and even custom malware from nation-state-aligned threat actors,” Jiří Kropáč, Director of Threat Prevention Labs at ESET, said.

ClickFix has become a widely popular and deceptive method that employs bogus error messages or CAPTCHA verification checks to entice victims into copying and pasting a malicious script into either the Windows Run dialog or the Apple macOS Terminal app, and running it.

The Slovak cybersecurity company said the highest volume of ClickFix detections are concentrated around Japan, Peru, Poland, Spain, and Slovakia.

Malware on Google Play, Apple App Store stole your photos—and crypto

A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices.

The malware is a possible evolution of SparkCat, which Kaspersky discovered in January. SparkCat used optical character recognition (OCR) to steal cryptocurrency wallet recovery phrases from images saved on infected devices.

When installing crypto wallets, the installation process tells users to write down the wallet’s recovery phrase and store it in a secure, offline location.

Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms

The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up, as the cybercrime group intensifies its activity and tries to fill the void left by its rivals.

The new feature takes the form of a “Call Lawyer” feature on the affiliate panel, per Israeli cybersecurity company Cybereason.

The development represents a newfound resurgence of the e-crime group as once-popular ransomware groups like LockBit, Black Cat, RansomHub, Everest, and BlackLock have suffered abrupt cessations, operational failures, and defacements. The group, also tracked as Gold Feather and Water Galura, has been active since October 2022.

Iran’s State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist

Cybersecurity firm Radware said nearly 40% of all hacktivist DDoS activity has been directed against Israel since the onset of the latest flare-up. On June 17, the hacktivist group DieNet warned it would launch cyber-attacks at the United States should it join the conflict against Iran.

The message has since been amplified by other groups like Arabian Ghosts, Sylhet Gang, and Team Fearless, suggesting that these entities are forming a potential collaboration in cyberspace as battle rages on the ground.

“Companies are urged to take maximum vigilance. The warning signs are clear. Critical infrastructure, supply chains, and even global businesses could become collateral targets if the cyber crossfire intensifies,” said Pascal Geenens, director of threat intelligence at Radware.