Malware & Threats

Microsoft Dissects PipeMagic Modular Backdoor

Microsoft Dissects PipeMagic Modular Backdoor 2025-08-19 at 17:07 By Ionut Arghire PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility. The post Microsoft Dissects PipeMagic Modular Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Dissects PipeMagic Modular Backdoor Read More »

In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment

In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment 2025-08-08 at 16:42 By SecurityWeek News Noteworthy stories that might have slipped under the radar: federal court filing system hack, Chanel data breach, emergency CISA directive. The post In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment appeared

React to this headline:

Loading spinner

In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment Read More »

Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware

Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware 2025-08-05 at 19:12 By Eduard Kovacs Microsoft has unveiled Project Ire, a prototype autonomous AI agent that can analyze any software file to determine if it’s malicious. The post Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware Read More »

Sophisticated Koske Linux Malware Developed With AI Aid

Sophisticated Koske Linux Malware Developed With AI Aid 2025-07-25 at 14:43 By Eduard Kovacs The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity. The post Sophisticated Koske Linux Malware Developed With AI Aid appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Sophisticated Koske Linux Malware Developed With AI Aid Read More »

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Coyote Banking Trojan First to Abuse Microsoft UIA

Coyote Banking Trojan First to Abuse Microsoft UIA 2025-07-23 at 16:20 By Eduard Kovacs Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data. The post Coyote Banking Trojan First to Abuse Microsoft UIA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Coyote Banking Trojan First to Abuse Microsoft UIA Read More »

Lumma Stealer Malware Returns After Takedown Attempt

Lumma Stealer Malware Returns After Takedown Attempt 2025-07-23 at 13:03 By Eduard Kovacs The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure. The post Lumma Stealer Malware Returns After Takedown Attempt appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Lumma Stealer Malware Returns After Takedown Attempt Read More »

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch 2025-07-22 at 20:47 By Eduard Kovacs Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch Read More »

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.

React to this headline:

Loading spinner

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Iranian APT Targets Android Users With New Variants of DCHSpy Spyware

Iranian APT Targets Android Users With New Variants of DCHSpy Spyware 2025-07-21 at 16:15 By Ionut Arghire Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel. The post Iranian APT Targets Android Users With New Variants of DCHSpy Spyware appeared first on

React to this headline:

Loading spinner

Iranian APT Targets Android Users With New Variants of DCHSpy Spyware Read More »

Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet

Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet 2025-07-18 at 12:21 By Ionut Arghire Google has filed a lawsuit against the Badbox 2.0 botnet operators, after identifying over 10 million infected Android devices. The post Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet Read More »

Threat Actors Use SVG Smuggling for Browser-Native Redirection

Threat Actors Use SVG Smuggling for Browser-Native Redirection 2025-07-15 at 17:51 By Ionut Arghire Obfuscated JavaScript code is embedded within SVG files for browser-native redirection to malicious pages. The post Threat Actors Use SVG Smuggling for Browser-Native Redirection appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Threat Actors Use SVG Smuggling for Browser-Native Redirection Read More »

New Interlock RAT Variant Distributed via FileFix Attacks

New Interlock RAT Variant Distributed via FileFix Attacks 2025-07-14 at 15:27 By Ionut Arghire The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks. The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

New Interlock RAT Variant Distributed via FileFix Attacks Read More »

In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs

In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs 2025-07-11 at 15:32 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Microsoft shows attack against AMD processors, SentinelOne details latest ZuRu macOS malware version, Indian APT DoNot targets governments.  The post In Other News: Microsoft

React to this headline:

Loading spinner

In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs Read More »

Legitimate Shellter Pen-Testing Tool Used in Malware Attacks

Legitimate Shellter Pen-Testing Tool Used in Malware Attacks 2025-07-08 at 20:30 By Ionut Arghire A stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail. The post Legitimate Shellter Pen-Testing Tool Used in Malware Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Legitimate Shellter Pen-Testing Tool Used in Malware Attacks Read More »

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware 2025-07-03 at 13:32 By Ionut Arghire SentinelOne says the fake Zoom update scam delivers ‘NimDoor’, a rare Nim-compiled backdoor. The post North Korean Hackers Use Fake Zoom Updates to Install macOS Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware Read More »

Chinese Hackers Target Chinese Users With RAT, Rootkit

Chinese Hackers Target Chinese Users With RAT, Rootkit 2025-06-27 at 13:02 By Ionut Arghire China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit. The post Chinese Hackers Target Chinese Users With RAT, Rootkit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Chinese Hackers Target Chinese Users With RAT, Rootkit Read More »

Hackers Abuse ConnectWise to Hide Malware

Hackers Abuse ConnectWise to Hide Malware 2025-06-25 at 15:52 By Ionut Arghire G Data has observed a surge in malware infections originating from ConnectWise applications with modified certificate tables. The post Hackers Abuse ConnectWise to Hide Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Hackers Abuse ConnectWise to Hide Malware Read More »

SonicWall Warns of Trojanized NetExtender Stealing User Information

SonicWall Warns of Trojanized NetExtender Stealing User Information 2025-06-25 at 14:33 By Ionut Arghire SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code. The post SonicWall Warns of Trojanized NetExtender Stealing User Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SonicWall Warns of Trojanized NetExtender Stealing User Information Read More »

Russian APT Hits Ukrainian Government With New Malware via Signal

Russian APT Hits Ukrainian Government With New Malware via Signal 2025-06-25 at 10:17 By Ionut Arghire Russia-linked APT28 deployed new malware against Ukrainian government targets through malicious documents sent via Signal chats. The post Russian APT Hits Ukrainian Government With New Malware via Signal appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Russian APT Hits Ukrainian Government With New Malware via Signal Read More »

Scroll to Top