Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-03 13:00 PDT
- New Avalon Malware Framework Packs CrownX Ransomware Capabilities
The Hacker News • 2026-07-03 11:55 • thehackernews.com
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls.Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, bringing together diverse functions under one
https://thehackernews.com/2026/07/new-avalon-malware-framework-packs.html - NetNut proxy network disrupted, 2 million infected devices cut off
BleepingComputer • 2026-07-03 10:50 • www.bleepingcomputer.com
A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including smart TVs and streaming boxes. […]
https://www.bleepingcomputer.com/news/security/netnut-proxy-network-disrupted-2-million-infected-devices-cut-off/ - North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
The Hacker News • 2026-07-03 09:07 • thehackernews.com
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft.According to JFrog, the packages “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core” mimic the legitimate “rollup-plugin-polyfill-node” project, down to the description, repository metadata, and
https://thehackernews.com/2026/07/north-korea-linked-npm-packages-mimic.html - ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
BleepingComputer • 2026-07-03 07:12 • www.bleepingcomputer.com
A new phishing-as-a-service (PhaaS) platform dubbed “ARToken” appears to operate as an affiliate of the EvilTokens phishing platform, giving researchers a glimpse into an extensive toolkit designed to compromise Microsoft 365. […]
https://www.bleepingcomputer.com/news/security/artoken-phaas-exposes-eviltokens-microsoft-365-phishing-toolkit/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
