Malware

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations

cybercrime, Malware, Malware & Threats, Morphisec, ResolverRat /

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations 2025-04-14 at 16:49 By Ionut Arghire Organizations in the healthcare and pharmaceutical sectors have been targeted with ResolverRAT, a new malware family with advanced capabilities. The post New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to […]

React to this headline:

Loading spinner

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations Read More »

Package hallucination: LLMs may deliver malicious code to careless devs

Artificial Intelligence, Don't miss, Hot stuff, JavaScript, LLMs, Malware, News, programming, Python, software development /

Package hallucination: LLMs may deliver malicious code to careless devs 2025-04-14 at 15:46 By Zeljka Zorz LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed “slopsquatting” (courtesy of Seth Larson, Security Developer-in-Residence at the Python Software Foundation). A known occurrence Many software

React to this headline:

Loading spinner

Package hallucination: LLMs may deliver malicious code to careless devs Read More »

Beware fake AutoCAD, SketchUp sites dropping malware

backdoor, cybercrime, Kaspersky, Malware, News /

Beware fake AutoCAD, SketchUp sites dropping malware 2025-04-03 at 09:47 By Help Net Security Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer legitimate software for download, Kaspersky researchers have warned. Malicious websites (Source: Kaspersky) The list of impersonated

React to this headline:

Loading spinner

Beware fake AutoCAD, SketchUp sites dropping malware Read More »

Open-source malware doubles, data exfiltration attacks dominate

cybercrime, Data exfiltration, Don't miss, Malware, News, open source, report, Sonatype /

Open-source malware doubles, data exfiltration attacks dominate 2025-04-03 at 07:02 By Help Net Security There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype. Quarterly breakdown (Source: Sonatype) The Q1 figure represents a significant decrease from

React to this headline:

Loading spinner

Open-source malware doubles, data exfiltration attacks dominate Read More »

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices

China, CISA, cyber espionage, Don't miss, Hot stuff, Ivanti, Malware, Mandiant, Microsoft, News /

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices 2025-03-31 at 16:12 By Zeljka Zorz CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who breached Ivanti Connect Secure VPN appliances in December 2024 by exploiting the

React to this headline:

Loading spinner

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices Read More »

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft

Android malware, Banking Trojan, Crocodilus, Malware, Malware & Threats /

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft 2025-03-31 at 14:05 By Ionut Arghire The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging. The post ‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft Read More »

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks

CISA, exploit, Ivanti, Malware, Malware & Threats, Resurge /

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks 2025-03-31 at 13:37 By Ionut Arghire CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks Read More »

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe

Banking Trojan, Grandoreiro, Malware, Malware & Threats, trojan /

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe 2025-03-28 at 12:33 By Ionut Arghire The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe Read More »

macOS Users Warned of New Versions of ReaderUpdate Malware

adware, macOS malware, Malware, Malware & Threats, ReaderUpdate /

macOS Users Warned of New Versions of ReaderUpdate Malware 2025-03-26 at 13:51 By Ionut Arghire macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages. The post macOS Users Warned of New Versions of ReaderUpdate Malware appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

macOS Users Warned of New Versions of ReaderUpdate Malware Read More »

Medusa Ransomware Uses Malicious Driver to Disable Security Tools

AbyssWorker, Malware, Malware & Threats, Medusa, Ransomware /

Medusa Ransomware Uses Malicious Driver to Disable Security Tools 2025-03-24 at 13:46 By Ionut Arghire The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems. The post Medusa Ransomware Uses Malicious Driver to Disable Security Tools appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Medusa Ransomware Uses Malicious Driver to Disable Security Tools Read More »

RansomHub affiliate leverages multi-function Betruger backdoor

backdoor, Don't miss, Hot stuff, Malware, News, Ransomware, Symantec /

RansomHub affiliate leverages multi-function Betruger backdoor 2025-03-20 at 12:03 By Zeljka Zorz A RansomHub affiliate is leveraging a new multi-function backdoor dubbed Betruger to perform various actions during their attacks, Symantec researchers have discovered. The Betruger backdoor The malware can take screenshots, log keystroke, scan networks, dump credentials, upload files to a command and control

React to this headline:

Loading spinner

RansomHub affiliate leverages multi-function Betruger backdoor Read More »

Microsoft Warns of New StilachiRAT Malware

Malware, Malware & Threats, RAT, StilachiRAT /

Microsoft Warns of New StilachiRAT Malware 2025-03-19 at 12:00 By Eduard Kovacs Microsoft has shared details on StilachiRAT, an evasive and persistent piece of malware that facilitates sensitive data theft. The post Microsoft Warns of New StilachiRAT Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Microsoft Warns of New StilachiRAT Malware Read More »

11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft

APT, LNK, Malware, Malware & Threats, ZDI /

11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft 2025-03-18 at 16:02 By Eduard Kovacs ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands. The post 11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft Read More »

Stealthy StilachiRAT steals data, may enable lateral movement

data theft, Malware, malware detection, Microsoft, News, Remote Access Trojan, Windows /

Stealthy StilachiRAT steals data, may enable lateral movement 2025-03-18 at 15:48 By Zeljka Zorz While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data,” Microsoft threat analysts have warned on

React to this headline:

Loading spinner

Stealthy StilachiRAT steals data, may enable lateral movement Read More »

FBI: Free file converter sites and tools deliver malware

adware, Don't miss, FBI, Hot stuff, Malware, Malwarebytes, News, trojan /

FBI: Free file converter sites and tools deliver malware 2025-03-18 at 13:35 By Zeljka Zorz Malware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office has warned earlier this month. “To conduct this scheme, cyber criminals across the globe are using any type

React to this headline:

Loading spinner

FBI: Free file converter sites and tools deliver malware Read More »

100 Car Dealerships Hit by Supply Chain Attack

ClickFix, Malware, Malware & Threats, supply chain, Supply Chain Security /

100 Car Dealerships Hit by Supply Chain Attack 2025-03-17 at 14:17 By Ionut Arghire The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise. The post 100 Car Dealerships Hit by Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

100 Car Dealerships Hit by Supply Chain Attack Read More »

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

ClickFix, Malware, phishing /

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix 2025-03-13 at 17:02 By Eduard Kovacs A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering. The post Microsoft Warns of Hospitality Sector Attacks Involving ClickFix appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix Read More »

DeepSeek’s Malware-Generation Capabilities Put to Test

AI, Artificial Intelligence, DeepSeek, Keylogger, Malware, Malware & Threats, Ransomware /

DeepSeek’s Malware-Generation Capabilities Put to Test 2025-03-13 at 15:01 By Eduard Kovacs Researchers have analyzed the ability of the Chinese gen-AI DeepSeek to create malware such as ransomware and keyloggers. The post DeepSeek’s Malware-Generation Capabilities Put to Test appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

DeepSeek’s Malware-Generation Capabilities Put to Test Read More »

New Ballista IoT Botnet Linked to Italian Threat Actor

Ballista, botnet, Malware, Malware & Threats /

New Ballista IoT Botnet Linked to Italian Threat Actor 2025-03-11 at 19:05 By Eduard Kovacs Cato Networks has analyzed a new IoT botnet named Ballista, which targets TP-Link Archer routers.   The post New Ballista IoT Botnet Linked to Italian Threat Actor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

New Ballista IoT Botnet Linked to Italian Threat Actor Read More »

Is your email or password among the 240+ million compromised by infostealers?

credentials, Don't miss, Hot stuff, Malware, News, passwords /

Is your email or password among the 240+ million compromised by infostealers? 2025-02-26 at 18:00 By Zeljka Zorz For the second time since the start of 2025, a huge number of login credentials extracted from infostealer logs has been added to the database powering the HaveIBeenPwned (HIBP) site and breach notification service. In January 2025,

React to this headline:

Loading spinner

Is your email or password among the 240+ million compromised by infostealers? Read More »

Scroll to Top