Threats Affecting United Kingdom

A malware campaign is targeting WhatsApp users globally by sending deceptive VBScript files disguised as business and financial documents from compromised contacts. When executed on Windows, the VBScript disables User Account Control (UAC) protections and silently installs ManageEngine Endpoint Central software configured to connect to attacker-controlled servers, granting remote access to the victim's PC. The campaign affects multiple countries and uses localized filenames to increase effectiveness. The exact method of WhatsApp account compromise is unknown. Users are advised to verify files received via WhatsApp and scan them before execution.

MediumMalwareBrazilIndiaMexico+8#remote

The WeedHack malware campaign is a large-scale operation targeting Minecraft players by distributing malicious mods, clients, cheats, and utilities. Since January 2026, it has infected over 116,000 systems globally, primarily in the US, Germany, India, and the UK. The malware operates as a malware-as-a-service (MaaS) infostealer, offering free and premium tiers that steal credentials, session IDs, cookies, and cryptocurrency wallet data, and provide remote access capabilities. Distribution relies heavily on YouTube videos and SEO poisoning to lure victims to malicious download sites. The campaign's scale is reflected in thousands of unique malicious files and hundreds of distribution URLs. Users are advised to only download Minecraft mods from official sources and use the in-game Marketplace for safety.

MediumMalwareUnited StatesGermanyIndia+1

A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. [...]

MediumMalwareGermanyItalyUnited Kingdom+1

A malware-as-a-service campaign named Weedhack targets Minecraft users by distributing malicious Java JAR files via SEO poisoning and YouTube videos. The malware steals credentials, system information, and can remotely control infected systems. It is notable for its ease of access, free tier, and appeal to younger users, with infections primarily in the U. S.and several other countries. Additionally, a large CountLoader campaign spreads cryptocurrency clipper malware via cracked software, and a separate campaign distributes cryptocurrency miners through pirated content sites. These campaigns leverage sophisticated persistence and evasion techniques and have been active since early 2026.

MediumSecurity-newsUnited StatesGermanyIndia+9#cybersecurity#reddit

A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]

MediumMalwareUnited StatesGermanyIndia+1

The UK National Cyber Security Centre (NCSC) conducted an extensive security analysis of the UK telecommunications sector as part of the DCMS Supply Chain Review initiated in 2018. This analysis resulted in technical recommendations aimed at improving the security posture of the telecom sector, including formal advice on the use of High Risk Vendors (HRVs). The summary document outlines the technical security analysis underpinning these recommendations but does not specify individual vulnerabilities or exploits. No known exploits in the wild have been reported related to this analysis. The severity of the findings is assessed as medium.

MediumVulnerabilityUnited Kingdom

An updated report from the NCSC explaining how UK law firms - of all sizes - can protect themselves from common cyber threats.

MediumVulnerabilityUnited Kingdom