Malware & Threats

Exposed Docker APIs Likely Exploited to Build Botnet

2025-09-09 at 17:07, by Ionut Arghire. Hackers mount the host’s file system into fresh containers, fetch malicious scripts over the Tor network, and block access to the Docker API. Source: SecurityWeek.


China-Linked Hackers Hijack Web Traffic to Deliver Backdoor

2025-08-27 at 19:24, by Ionut Arghire. Google researchers say China-linked UNC6384 combined social engineering, signed malware, and adversary-in-the-middle attacks to evade detection. Source: SecurityWeek.


Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime

2025-08-27 at 15:46, by Kevin Townsend. Competition among malware-as-a-service developers has transformed infostealers into refined, accessible tools for cybercriminals worldwide. Source: SecurityWeek.


PromptLock: First AI-Powered Ransomware Emerges

2025-08-27 at 14:51, by Ionut Arghire. Proof-of-concept ransomware uses AI models to generate attack scripts in real time. Source: SecurityWeek.


Anatsa Android Banking Trojan Now Targeting 830 Financial Apps

2025-08-25 at 14:33, by Ionut Arghire. The Anatsa Android banking trojan has expanded its target list to new countries and more cryptocurrency applications. Source: SecurityWeek.


Hundreds Targeted in New Atomic macOS Stealer Campaign

2025-08-22 at 11:57, by Ionut Arghire. Between June and August, over 300 entities were targeted with the Atomic macOS Stealer via malvertising. Source: SecurityWeek.


Microsoft Dissects PipeMagic Modular Backdoor

2025-08-19 at 17:07, by Ionut Arghire. PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility. Source: SecurityWeek.


In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment

2025-08-08 at 16:42, by SecurityWeek News. Noteworthy stories that might have slipped under the radar: federal court filing system hack, Chanel data breach, emergency CISA directive.


Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware

2025-08-05 at 19:12, by Eduard Kovacs. Microsoft has unveiled Project Ire, a prototype autonomous AI agent that can analyze any software file to determine if it’s malicious. Source: SecurityWeek.


Sophisticated Koske Linux Malware Developed With AI Aid

2025-07-25 at 14:43, by Eduard Kovacs. The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity. Source: SecurityWeek.


ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

2025-07-24 at 12:35, by Eduard Kovacs. More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. Source: SecurityWeek.


Coyote Banking Trojan First to Abuse Microsoft UIA

2025-07-23 at 16:20, by Eduard Kovacs. Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data. Source: SecurityWeek.


Lumma Stealer Malware Returns After Takedown Attempt

2025-07-23 at 13:03, by Eduard Kovacs. The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure. Source: SecurityWeek.


Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

2025-07-22 at 20:47, by Eduard Kovacs. Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. Source: SecurityWeek.


ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

2025-07-22 at 11:44, by Eduard Kovacs. More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. Source: SecurityWeek.


Iranian APT Targets Android Users With New Variants of DCHSpy Spyware

2025-07-21 at 16:15, by Ionut Arghire. Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel.


Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet

2025-07-18 at 12:21, by Ionut Arghire. Google has filed a lawsuit against the Badbox 2.0 botnet operators, after identifying over 10 million infected Android devices. Source: SecurityWeek.


Threat Actors Use SVG Smuggling for Browser-Native Redirection

2025-07-15 at 17:51, by Ionut Arghire. Obfuscated JavaScript code is embedded within SVG files for browser-native redirection to malicious pages. Source: SecurityWeek.


New Interlock RAT Variant Distributed via FileFix Attacks

2025-07-14 at 15:27, by Ionut Arghire. The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks. Source: SecurityWeek.


In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs

2025-07-11 at 15:32, by SecurityWeek News. Noteworthy stories that might have slipped under the radar: Microsoft shows attack against AMD processors, SentinelOne details latest ZuRu macOS malware version, Indian APT DoNot targets governments.
