Saturday, September 13, 2025

Vidar Infostealer Strikes Back — Inside the Updated Malware-as-a-Service Threat

 


The infamous Vidar infostealer is back — and it’s stealthier than ever. First spotted in 2018, Vidar has evolved into a powerful malware-as-a-service platform capable of stealing credentials, cookies, financial data, authentication tokens, and more from compromised systems.

Aryaka’s latest research on Vidar’s newest campaign explains:

• Encrypted command-and-control (C2) channels
• Abuse of built-in Windows tools and PowerShell
• Covert exfiltration and bypass of Windows Defender and AMSI
• Randomized directories, filenames, and hidden scheduled tasks
• Hooks into browser APIs to snatch passwords before encryption

They also cover actionable defenses to protect yourself and your organization: user education, PowerShell hardening, anomaly detection, layered DNS filtering, secure email/web gateways, and EDR tools.

Vidar isn’t going away — but with the right visibility, layered defenses, and Plixer One you can stay one step ahead.

https://www.darkreading.com/endpoint-security/vidar-infostealer-back-with-vengeance
https://siliconangle.com/2025/09/04/vidar-infostealer-gains-traction-among-cybercriminals-ease-use-drives-adoption/

Saturday, September 6, 2025

Salesforce OAuth Breach Exposes Hundreds of Companies | Why Network Visibility Matters

 


Between August 8–18, attackers weaponized stolen OAuth tokens to silently access Salesforce instances across hundreds of companies, including industry leaders like Palo Alto Networks and Google.

This wasn’t brute force.

🔒 It blended into normal traffic
🛑 Bypassed logs, SIEM rules, and firewalls
📉 Result: customer data stolen, trust broken, supply chains disrupted

The wake-up call? Blind trust in third-party integrations leaves you exposed. That’s why deep, continuous network visibility is no longer optional.

With an Observability and Defense Platform like Plixer One, organizations can:

* Analyze real-time + historical flow data
* Detect anomalies like unusual Salesforce exports
* Spot credential misuse from odd locations
* Trace hidden lateral movement—even if logs are erased

The Salesloft Drift breach proves it: reactive defenses aren’t enough. You need clarity, context, and confidence to stay ahead.

What’s your take—are companies over-trusting third-party integrations? Comment below!

Like | Subscribe | Stay Informed

#Salesforce #Cybersecurity #PlixerOne #DataBreach #SupplyChainSecurity

Sunday, August 31, 2025

AI-Powered Cybercrime Is Here: Massive Breaches & Dark Web Dumps

 


Cyber threats are escalating fast—and now AI is making them faster, smarter, and more dangerous than ever. As August 2025 wraps up, here’s what you need to know:

✅ Anthropic reports that cybercriminals are using Claude AI to automate data extortion campaigns, targeting at least 17 organizations. AI is no longer just advising on attacks—it’s executing them.
✅ AI-generated malware is lowering the barrier to entry, enabling criminals with minimal skills to run sophisticated operations.
✅ AI is now embedded in every stage of fraud—from profiling victims and analyzing stolen data to creating fake identities and scaling scams.

Meanwhile, the real-world fallout continues:

Farmers Insurance: Over 1 million policyholders exposed in a third-party vendor breach (names, addresses, birthdates, driver’s license numbers).
https://mashable.com/article/farmers-insurance-data-breach-disclosure-what-states-affected

PayPal: 16 million logins surfaced on the dark web for $2 (email + plaintext passwords). PayPal denies a new breach, suggesting old credentials—but credential stuffing risk is massive.
https://www.techradar.com/pro/massive-data-breach-sees-16-million-paypal-accounts-leaked-online-heres-what-we-know-and-how-to-stay-safe

TransUnion: A Salesforce-linked breach exposed data of 4.4 million consumers, including Social Security Numbers, tied to Shiny Hunters.
https://www.techradar.com/pro/security/transunion-data-breach-may-have-affected-4-4-million-users-heres-what-we-know-and-how-to-stay-safe

The threat landscape is worse than ever. Stay informed. Deploy advanced detection and countermeasures like Plixer One—and stay ahead by any means possible.

For a deeper dive, check out Anthropic’s Threat Intelligence Report—it’s eye-opening.
https://www.anthropic.com/news/detecting-countering-misuse-aug-2025

👍 Like, Subscribe & Share to stay ahead of cyber threats.

#CyberSecurity #AI #DataBreach #ThreatIntelligence #InfoSec #DarkWeb #CyberCrime #Ransomware

Saturday, August 23, 2025

QR Codes Are Being Weaponized! Beware of New ‘Quishing’ Attacks


QR Code scams have leveled up! Cybercriminals are now using Quishing (QR code phishing) to trick you into giving up your credentials.

Barracuda Threat Researchers have discovered a new wave of phishing attacks called Quishing, where cybercriminals use QR codes to steal credentials.

Why is this so dangerous?

✅ QR codes look harmless and can’t be read by humans
✅ They bypass traditional email filters
✅ Users scan them on mobile devices, outside company security controls

Now attackers are deploying Split QR Codes (one code split into two images) and Nested QR Codes (a malicious QR hidden inside a legitimate one) to evade detection.

What can you do?

✔ Security awareness training
✔ Enable Multi-Factor Authentication
✔ Deploy AI-powered email protection that can identify these advanced QR-based threats, decode links, sandbox malicious URLs, and detect anomalies in real time.

https://blog.barracuda.com/2025/08/20/threat-spotlight-split-nested-qr-codes-quishing-attacks

Quishing is evolving—your defenses need to evolve too. Plixer can help.

Monday, August 18, 2025

Operation Secure Saint Paul: Interlock Ransomware Hits City with 43GB Data Leak

 


Have you heard about Operation Secure Saint Paul? The city of St. Paul, Minnesota, has confirmed the July 25 cyberattack was a ransomware assault carried out by the group Interlock. The hackers claim they posted 43 gigabytes of stolen city data online—including HR files and even personal items.

The city refused to pay ransom and instead shut down its networks, disrupting public services like library Wi-Fi, online bill payments, and some city phone lines. Emergency services like 911 remained operational.

Mayor Melvin Carter described the attackers as a sophisticated, money-driven criminal organization. A federal advisory about Interlock was issued just three days before the breach.

St. Paul is now working with the FBI, the National Guard, and CISA to restore systems and secure its infrastructure. Over 2,000 of the city’s 3,500 employees have reset passwords as part of ‘Operation Secure Saint Paul.’ The city is also offering 12 months of credit monitoring to employees and warning residents to watch for fraudulent invoices.

What lessons can your organization learn from this? Data backups, observability, and strong ransomware defenses are essential for hybrid environments.

https://hackread.com/interlock-ransomware-leaks-st-paul-city-cyberattack-data/
https://www.infosecurity-magazine.com/news/st-paul-mayor-interlock-data-leak/
https://www.cbsnews.com/minnesota/news/melvin-carter-st-paul-cyberattack-update-august-11/

Like and subscribe for more cybersecurity updates and insights!

Saturday, August 9, 2025

Is 2025 The Worst Year in Cybercrime History?

 


Flashpoint’s Alarming Midyear Threat Report thinks so. Cybercrime in 2025 isn’t just bad—it could be the worst year ever. According to Flashpoint’s 2025 Midyear Global Threat Intelligence Index, the numbers are staggering:

• Credential theft via info-stealing malware like Lumma, RedLine, and Raccoon is up 800%.
• Ransomware attacks jumped 179%, with demands averaging $676,000.
• Data breaches surged 235%, impacting over 166 million people.
• Vulnerability disclosures rose 246%, with 7,000+ exploitable flaws ready for attackers.

Cybercrime is now blending with geopolitical conflict, creating a volatile and unpredictable threat landscape. This convergence demands proactive intelligence and holistic defense strategies—and platforms like Plixer One can help security teams stay ahead.

Stay informed, stay protected—this could be just the visible tip of the iceberg.

https://flashpoint.io/blog/flashpoint-2025-global-threat-intelligence-index-midyear/?CRO3=%233007_variant

#CyberSecurity #Cybercrime #Ransomware #DataBreach #Infostealers #Flashpoint #Plixer #ThreatIntelligence

Saturday, August 2, 2025

Online Scams Are Out of Control — 75% of Americans Hit! (Even NASCAR)

 


Three out of four Americans have been scammed online. According to a new Pew Research study, online fraud is everywhere:

💳 Fake credit charges
🔓 Hacked social, email & bank accounts
📱 Scam texts and phishing emails

Even younger adults (18–29) are more likely to fall for scams than seniors. And most people don’t report it—because nearly 70% think the government is doing a bad job fighting cybercrime.
https://www.pewresearch.org/internet/2025/07/31/online-scams-and-attacks-in-america-today/

It’s not just individuals, either. NASCAR was recently breached by the Medusa ransomware gang, and hackers demanded $4 million.
https://www.securityweek.com/nascar-confirms-personal-information-stolen-in-ransomware-attack/

Plus, IBM reports the average cost of a U.S. data breach is now $10.22 million.
https://www.securityweek.com/cost-of-data-breach-in-us-rises-to-10-22-million-says-latest-ibm-report/

These scams are not rare, and they’re not harmless. Don’t click suspicious links. Freeze your credit. And if you run a business, get visibility into data exfiltration events with Plixer One — a modern observability and defense platform.

I'm Peter for Plixer. Like, Follow, and Stay Safe Online.