Malware & Threats

Sophisticated Koske Linux Malware Developed With AI Aid

AI, Koske, Linux malware, Malware & Threats /

Sophisticated Koske Linux Malware Developed With AI Aid 2025-07-25 at 14:43 By Eduard Kovacs The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity. The post Sophisticated Koske Linux Malware Developed With AI Aid appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React […]

React to this headline:

Loading spinner

Sophisticated Koske Linux Malware Developed With AI Aid Read More »

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

China APT, exploited, Government, Malware & Threats, Microsoft, SharePoint, ToolShell, vulnerability /

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Coyote Banking Trojan First to Abuse Microsoft UIA

Banking Trojan, Coyote, Malware, Malware & Threats, Microsoft UIA, Stealer /

Coyote Banking Trojan First to Abuse Microsoft UIA 2025-07-23 at 16:20 By Eduard Kovacs Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data. The post Coyote Banking Trojan First to Abuse Microsoft UIA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Coyote Banking Trojan First to Abuse Microsoft UIA Read More »

Lumma Stealer Malware Returns After Takedown Attempt

Lumma Stealer, Malware, Malware & Threats, Resurge, return, takedown /

Lumma Stealer Malware Returns After Takedown Attempt 2025-07-23 at 13:03 By Eduard Kovacs The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure. The post Lumma Stealer Malware Returns After Takedown Attempt appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Lumma Stealer Malware Returns After Takedown Attempt Read More »

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

China APT, exploited, Malware & Threats, Microsoft, SharePoint, ToolShell, Zero-Day /

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch 2025-07-22 at 20:47 By Eduard Kovacs Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch Read More »

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

China, China APT, exploited, Featured, Malware & Threats, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.

React to this headline:

Loading spinner

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Iranian APT Targets Android Users With New Variants of DCHSpy Spyware

Android malware, DCHSpy, Iran, Israel, Malware & Threats, mobile malware, spyware /

Iranian APT Targets Android Users With New Variants of DCHSpy Spyware 2025-07-21 at 16:15 By Ionut Arghire Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel. The post Iranian APT Targets Android Users With New Variants of DCHSpy Spyware appeared first on

React to this headline:

Loading spinner

Iranian APT Targets Android Users With New Variants of DCHSpy Spyware Read More »

Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet

BadBox, botnet, Featured, fraud, Google, lawsuit, Malware & Threats /

Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet 2025-07-18 at 12:21 By Ionut Arghire Google has filed a lawsuit against the Badbox 2.0 botnet operators, after identifying over 10 million infected Android devices. The post Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet Read More »

Threat Actors Use SVG Smuggling for Browser-Native Redirection

JavaScript, Malware & Threats, redirect, SVG /

Threat Actors Use SVG Smuggling for Browser-Native Redirection 2025-07-15 at 17:51 By Ionut Arghire Obfuscated JavaScript code is embedded within SVG files for browser-native redirection to malicious pages. The post Threat Actors Use SVG Smuggling for Browser-Native Redirection appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Threat Actors Use SVG Smuggling for Browser-Native Redirection Read More »

New Interlock RAT Variant Distributed via FileFix Attacks

ClickFix, FileFix, InterLock, Malware & Threats, Ransomware, RAT /

New Interlock RAT Variant Distributed via FileFix Attacks 2025-07-14 at 15:27 By Ionut Arghire The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks. The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

New Interlock RAT Variant Distributed via FileFix Attacks Read More »

In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs

In Other News, Malware & Threats /

In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs 2025-07-11 at 15:32 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Microsoft shows attack against AMD processors, SentinelOne details latest ZuRu macOS malware version, Indian APT DoNot targets governments.  The post In Other News: Microsoft

React to this headline:

Loading spinner

In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs Read More »

Legitimate Shellter Pen-Testing Tool Used in Malware Attacks

Malware & Threats, Shellter /

Legitimate Shellter Pen-Testing Tool Used in Malware Attacks 2025-07-08 at 20:30 By Ionut Arghire A stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail. The post Legitimate Shellter Pen-Testing Tool Used in Malware Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Legitimate Shellter Pen-Testing Tool Used in Malware Attacks Read More »

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware

Featured, macOS, Malware, Malware & Threats, North Korea /

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware 2025-07-03 at 13:32 By Ionut Arghire SentinelOne says the fake Zoom update scam delivers ‘NimDoor’, a rare Nim-compiled backdoor. The post North Korean Hackers Use Fake Zoom Updates to Install macOS Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware Read More »

Chinese Hackers Target Chinese Users With RAT, Rootkit

APT, China, China APT, Malware, Malware & Threats, Silver Fox /

Chinese Hackers Target Chinese Users With RAT, Rootkit 2025-06-27 at 13:02 By Ionut Arghire China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit. The post Chinese Hackers Target Chinese Users With RAT, Rootkit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Chinese Hackers Target Chinese Users With RAT, Rootkit Read More »

Hackers Abuse ConnectWise to Hide Malware

ConnectWise, Malware, Malware & Threats /

Hackers Abuse ConnectWise to Hide Malware 2025-06-25 at 15:52 By Ionut Arghire G Data has observed a surge in malware infections originating from ConnectWise applications with modified certificate tables. The post Hackers Abuse ConnectWise to Hide Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Hackers Abuse ConnectWise to Hide Malware Read More »

SonicWall Warns of Trojanized NetExtender Stealing User Information

infostealer, Malware, Malware & Threats, NetExtender, SonicWall, trojanized /

SonicWall Warns of Trojanized NetExtender Stealing User Information 2025-06-25 at 14:33 By Ionut Arghire SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code. The post SonicWall Warns of Trojanized NetExtender Stealing User Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SonicWall Warns of Trojanized NetExtender Stealing User Information Read More »

Russian APT Hits Ukrainian Government With New Malware via Signal

APT28, Malware, Malware & Threats, Nation-State, Russia, Signal, Ukraine /

Russian APT Hits Ukrainian Government With New Malware via Signal 2025-06-25 at 10:17 By Ionut Arghire Russia-linked APT28 deployed new malware against Ukrainian government targets through malicious documents sent via Signal chats. The post Russian APT Hits Ukrainian Government With New Malware via Signal appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Russian APT Hits Ukrainian Government With New Malware via Signal Read More »

Prometei Botnet Activity Spikes

botnet, Linux malware, Malware, Malware & Threats, Promotei /

Prometei Botnet Activity Spikes 2025-06-24 at 14:10 By Ionut Arghire Palo Alto Networks has observed a spike in Prometei activity since March 2025, pointing to a resurgence of the botnet. The post Prometei Botnet Activity Spikes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Prometei Botnet Activity Spikes Read More »

Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play

Android malware, Cryptocurrency, iOS malware, Malware & Threats, Mobile & Wireless, SparkKitty, spyware /

Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play 2025-06-24 at 12:45 By Ionut Arghire Newly discovered spyware has sneaked into Apple’s App Store and Google Play to steal images from users’ mobile devices. The post Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play Read More »

North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting

BlueNoroff, Cryptocurrency, cybercrime, DPRK, Malware & Threats, Nation-State, North Korea, Zoom, Zoom Meeting /

North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting 2025-06-23 at 19:45 By Ionut Arghire North Korean hackers employ social engineering to trick Zoom Meeting participants into executing system-takeover commands. The post North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting Read More »

Scroll to Top