Newspaper

Cybersecurity & Privacy

North Korea’s APT37 Exploits Facebook for RokRAT

14 April 2026 · 2 sources

North Korea's APT37, also known as ScarCruft, has launched a sophisticated social engineering campaign on Facebook, adding targets as friends to distribute the RokRAT remote access trojan. This tactic leverages trust on social media to infiltrate systems stealthily. The operation highlights growing cyber threats from state-sponsored groups using popular platforms for malware delivery. Security experts warn users to be cautious of unsolicited friend requests and monitor for suspicious activity. Further investigations are underway to assess the full scope of infections caused by RokRAT.


Sources (2)

  • JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025, The Hacker News (Security), 13 Apr 2026, 17:15
  • North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware, The Hacker News (Security), 13 Apr 2026, 09:15

More from Cybersecurity & Privacy

  • PSN’s Massive 77M Account SQL Breach

    In April 2011, Sony’s PlayStation Network suffered the largest SQL injection attack ever recorded, exposing 77 million accounts and causing $171 million in damages. The breach revealed sensitive user data including emails, passwords, and payment info, forcing a 23-day service outage. Despite SQL injection being a known vulnerability for over a decade, basic protections were neglected. This incident remains a stark warning for cybersecurity, prompting ongoing efforts to fortify gaming networks worldwide.

  • AWS Shared Responsibility: Secure or Not?

    AWS is one of the world’s most secure cloud providers, yet thousands of data breaches still occur annually on its platform. The reason lies in the AWS Shared Responsibility Model, which clearly defines what AWS secures and what users must protect themselves. Without grasping this model, cloud security decisions are bound to fail. Understanding this distinction is crucial for anyone managing data or applications in AWS, as it directly impacts how security is implemented and maintained.

  • Google Penalizes Back Button Hijacking

    Google is cracking down on websites that hijack the browser back button, a practice that frustrates users by redirecting them to unexpected pages or ads. Starting June 15, sites engaging in this deceptive tactic will face penalties in Google Search rankings under the new 'malicious practices' spam policy. This move aims to restore normal browsing behavior and improve user experience. Users can expect cleaner search results free from sites that manipulate navigation.

  • Basic-Fit Data Breach Hits 1 Million

    Basic-Fit, Europe’s largest gym chain, confirmed a major data breach exposing personal and bank details of around 1 million members across six countries, including the Netherlands, Belgium, and France. The breach was detected and stopped within minutes, but sensitive data such as names, addresses, and bank accounts were stolen. Affected members have been notified, and authorities informed. The company is now working with security experts to prevent future incidents.

  • FBI Busts $20M W3LL Phishing Ring

    The FBI, in partnership with Indonesian police, has dismantled the W3LL phishing network, a cybercrime platform responsible for over $20 million in attempted fraud. The operation targeted more than 17,000 victims worldwide by selling a $500 phishing kit that bypassed multi-factor authentication on services like Microsoft 365. Authorities arrested the alleged developer and seized key domains, marking a significant blow to global phishing operations. The takedown highlights ongoing international cooperation to combat cybercrime.

  • Anthropic’s Mythos Sparks Cybersecurity Debate

    Anthropic’s new AI model, Mythos, has ignited a fierce debate over cybersecurity risks. The company warns Mythos is so powerful it could autonomously find and exploit security flaws, prompting fears it’s too dangerous for public release. While some experts argue the real challenge lies in fixing vulnerabilities rather than exposing them, U.S. officials remain concerned about potential threats to critical infrastructure. Talks between Anthropic and the U.S. government are ongoing amid these tensions, highlighting the complex balance between innovation and security.

  • Meta Faces Backlash Over Facial Recognition Glasses

    Meta is under intense pressure from over 70 advocacy groups demanding it scrap facial recognition on its Ray-Ban and Oakley smart glasses. The feature, known internally as “Name Tag,” is feared to empower stalkers, abusers, and government agents to identify strangers without consent. Critics argue no safeguards can mitigate the risks, calling for a full cancellation before launch. Meta’s plans have sparked a major privacy debate, with the company accused of exploiting political distractions to push the tech forward. The coming weeks will reveal if Meta will heed these warnings or proceed amid growing controversy.

  • Kaspersky Reveals 2025 Cyberattack Surge

    Kaspersky released a comprehensive report analyzing over 400,000 security alerts from its MDR system in 2025. Despite AI filtering nearly a quarter automatically, SOC teams still faced an overwhelming number of potential threats, with only about 21,000 incidents reaching clients. The findings highlight critical gaps in how many SOCs utilize their data, signaling a need for improved cybersecurity strategies as threats escalate. Experts warn 2026 will be a pivotal year for cyber defense readiness worldwide.

  • Adobe Patches Critical PDF Zero-Day

    Adobe has urgently patched a critical zero-day vulnerability, CVE-2026-34621, in Acrobat and Reader exploited since December. The flaw lets malicious PDFs bypass sandboxing and run privileged JavaScript, enabling attackers to steal files without user interaction. This fix arrives after months of active exploitation, closing a dangerous backdoor. Users should update immediately to prevent further breaches.

  • Inside Airport Website Anti-Scraping Walls

    Scraping data from over 200 airport departure boards is far from simple, reveals the creator of MyAirports. Despite airports not being typical targets like e-commerce or news sites, their websites deploy heavy-duty anti-bot defenses similar to banks, often unknowingly bundled with their CDN contracts. These layers, including aggressive IP rate limiting, make real-time flight data scraping a constant battle. The ongoing challenge highlights the complexity behind seemingly straightforward travel info, with scrapers continually adapting to new hurdles.

  • Europe's Digital Sovereignty Takes Center Stage

    At KubeCon Europe 2026 in Amsterdam, digital sovereignty emerged as a critical issue for European governments and companies, highlighting their growing unease with dependence on US tech giants. Thierry Carrez of Linux Foundation Europe emphasized that while encryption tech can protect data, political risks remain when US authorities could potentially cut access to essential services. This shift signals Europe's urgent push to control its digital infrastructure and reduce reliance on foreign powers. The coming months will likely see intensified efforts to build homegrown cloud and data solutions.

  • How Texans Are Unblocking Pornhub

    With Texas enforcing strict age verification laws, Pornhub has blocked access to millions of users in the state. However, many Texans are bypassing these restrictions using VPN services like ExpressVPN to regain access. This ongoing cat-and-mouse game highlights the tension between regulation and online freedom. As lawmakers push for tighter controls, users continue seeking ways around the blocks.
