Malware

Fake AI platforms deliver malware diguised as video content

Artificial Intelligence, cybercrime, Don't miss, Hot stuff, Malware, Morphisec, News, scams, SMBs, social engineering /

Fake AI platforms deliver malware diguised as video content 2025-05-09 at 16:53 By Zeljka Zorz A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an unusual twist, the threat actors are not disguising the malware as legitimate software, but […]

React to this headline:

Loading spinner

Fake AI platforms deliver malware diguised as video content Read More »

Malicious NPM Packages Target Cursor AI’s macOS Users

Cursor AI, Malware, Malware & Threats, NPM /

Malicious NPM Packages Target Cursor AI’s macOS Users 2025-05-09 at 16:12 By Ionut Arghire Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor. The post Malicious NPM Packages Target Cursor AI’s macOS Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Malicious NPM Packages Target Cursor AI’s macOS Users Read More »

The many variants of the ClickFix social engineering tactic

Datadog, Don't miss, Google, Hot stuff, Malware, News, phishing, Proofpoint, Sekoia.io, social engineering /

The many variants of the ClickFix social engineering tactic 2025-05-08 at 18:50 By Zeljka Zorz As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are trying to refine the two main elements: the lure and the “instruction” page. In the

React to this headline:

Loading spinner

The many variants of the ClickFix social engineering tactic Read More »

Google Finds Data Theft Malware Used by Russian APT in Select Cases

Google, LostKeys, Malware, Malware & Threats, Russia, Star Blizzard /

Google Finds Data Theft Malware Used by Russian APT in Select Cases 2025-05-08 at 15:04 By Ionut Arghire Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware. The post Google Finds Data Theft Malware Used by Russian APT in Select Cases appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Google Finds Data Theft Malware Used by Russian APT in Select Cases Read More »

Chinese APT’s Adversary-in-the-Middle Tool Dissected

AitM, China, Malware, Malware & Threats, TheWizards /

Chinese APT’s Adversary-in-the-Middle Tool Dissected 2025-05-01 at 14:18 By Ionut Arghire ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor. The post Chinese APT’s Adversary-in-the-Middle Tool Dissected appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Chinese APT’s Adversary-in-the-Middle Tool Dissected Read More »

Many Malware Campaigns Linked to Proton66 Network

ASN, bulletproof hosting, Malware, Malware & Threats, Proton66 /

Many Malware Campaigns Linked to Proton66 Network 2025-04-22 at 14:33 By Ionut Arghire Security researchers detail various malware campaigns that use bulletproof services linked to Proton66 ASN. The post Many Malware Campaigns Linked to Proton66 Network appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Many Malware Campaigns Linked to Proton66 Network Read More »

The Zoom attack you didn’t see coming

Cryptocurrency, cybercrime, Don't miss, Hot stuff, Malware, News, scams, social engineering, Trail of Bits, Zoom /

The Zoom attack you didn’t see coming 2025-04-18 at 17:02 By Zeljka Zorz Did you know that when participating in a Zoom call, you can grant permission to other participants to control your computer remotely? While this feature may come in handy when dealing with trusted family, friends and colleagues, threat actors have started abusing

React to this headline:

Loading spinner

The Zoom attack you didn’t see coming Read More »

Chinese APT Mustang Panda Updates, Expands Arsenal

APT, China, Malware, Mustang Panda, Nation-State /

Chinese APT Mustang Panda Updates, Expands Arsenal 2025-04-17 at 14:05 By Ionut Arghire The Chinese state-sponsored group Mustang Panda has used new and updated malicious tools in a recent attack. The post Chinese APT Mustang Panda Updates, Expands Arsenal appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Chinese APT Mustang Panda Updates, Expands Arsenal Read More »

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild

backdoor, BPFDoor, China, Malware, Malware & Threats /

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild 2025-04-16 at 14:55 By Ionut Arghire In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally. The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild Read More »

Microsoft Warns of Node.js Abuse for Malware Delivery

Malware, Malware & Threats, Node.js /

Microsoft Warns of Node.js Abuse for Malware Delivery 2025-04-16 at 14:01 By Eduard Kovacs In the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads. The post Microsoft Warns of Node.js Abuse for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Warns of Node.js Abuse for Malware Delivery Read More »

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations

cybercrime, Malware, Malware & Threats, Morphisec, ResolverRat /

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations 2025-04-14 at 16:49 By Ionut Arghire Organizations in the healthcare and pharmaceutical sectors have been targeted with ResolverRAT, a new malware family with advanced capabilities. The post New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations Read More »

Package hallucination: LLMs may deliver malicious code to careless devs

Artificial Intelligence, Don't miss, Hot stuff, JavaScript, LLMs, Malware, News, programming, Python, software development /

Package hallucination: LLMs may deliver malicious code to careless devs 2025-04-14 at 15:46 By Zeljka Zorz LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed “slopsquatting” (courtesy of Seth Larson, Security Developer-in-Residence at the Python Software Foundation). A known occurrence Many software

React to this headline:

Loading spinner

Package hallucination: LLMs may deliver malicious code to careless devs Read More »

Beware fake AutoCAD, SketchUp sites dropping malware

backdoor, cybercrime, Kaspersky, Malware, News /

Beware fake AutoCAD, SketchUp sites dropping malware 2025-04-03 at 09:47 By Help Net Security Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer legitimate software for download, Kaspersky researchers have warned. Malicious websites (Source: Kaspersky) The list of impersonated

React to this headline:

Loading spinner

Beware fake AutoCAD, SketchUp sites dropping malware Read More »

Open-source malware doubles, data exfiltration attacks dominate

cybercrime, Data exfiltration, Don't miss, Malware, News, open source, report, Sonatype /

Open-source malware doubles, data exfiltration attacks dominate 2025-04-03 at 07:02 By Help Net Security There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype. Quarterly breakdown (Source: Sonatype) The Q1 figure represents a significant decrease from

React to this headline:

Loading spinner

Open-source malware doubles, data exfiltration attacks dominate Read More »

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices

China, CISA, cyber espionage, Don't miss, Hot stuff, Ivanti, Malware, Mandiant, Microsoft, News /

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices 2025-03-31 at 16:12 By Zeljka Zorz CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who breached Ivanti Connect Secure VPN appliances in December 2024 by exploiting the

React to this headline:

Loading spinner

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices Read More »

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft

Android malware, Banking Trojan, Crocodilus, Malware, Malware & Threats /

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft 2025-03-31 at 14:05 By Ionut Arghire The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging. The post ‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft Read More »

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks

CISA, exploit, Ivanti, Malware, Malware & Threats, Resurge /

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks 2025-03-31 at 13:37 By Ionut Arghire CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks Read More »

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe

Banking Trojan, Grandoreiro, Malware, Malware & Threats, trojan /

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe 2025-03-28 at 12:33 By Ionut Arghire The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe Read More »

macOS Users Warned of New Versions of ReaderUpdate Malware

adware, macOS malware, Malware, Malware & Threats, ReaderUpdate /

macOS Users Warned of New Versions of ReaderUpdate Malware 2025-03-26 at 13:51 By Ionut Arghire macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages. The post macOS Users Warned of New Versions of ReaderUpdate Malware appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

macOS Users Warned of New Versions of ReaderUpdate Malware Read More »

Medusa Ransomware Uses Malicious Driver to Disable Security Tools

AbyssWorker, Malware, Malware & Threats, Medusa, Ransomware /

Medusa Ransomware Uses Malicious Driver to Disable Security Tools 2025-03-24 at 13:46 By Ionut Arghire The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems. The post Medusa Ransomware Uses Malicious Driver to Disable Security Tools appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Medusa Ransomware Uses Malicious Driver to Disable Security Tools Read More »

Scroll to Top