Malware & Threats

New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions

2025-09-26 at 14:50, by Ionut Arghire. The malware now uses a four-stage infection chain, has an additional persistence mechanism, and also targets Firefox browser data. Source: SecurityWeek.

SonicWall Updates SMA 100 Appliances to Remove Overstep Malware

2025-09-24 at 12:17, by Ionut Arghire. The software update includes additional file checks and helps users remove the known rootkit deployed in a recent campaign. Source: SecurityWeek.

ShadowV2 DDoS Service Lets Customers Self-Manage Attacks

2025-09-23 at 15:39, by Ionut Arghire. The botnet’s operators provide customers with access to an infected network of Docker containers so they can conduct DDoS attacks. Source: SecurityWeek.

Widespread Infostealer Campaign Targeting macOS Users

2025-09-22 at 13:01, by Ionut Arghire. Threat actors rely on malicious GitHub repositories to infect LastPass’s macOS users with the Atomic infostealer. Source: SecurityWeek.

Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions

2025-09-19 at 16:36, by Ionut Arghire. Turla malware was deployed in February on select systems that Gamaredon had compromised in January. Source: SecurityWeek.

CISA Analyzes Malware From Ivanti EPMM Intrusions

2025-09-19 at 14:30, by Ionut Arghire. Hackers chained two Ivanti EPMM vulnerabilities to collect system information, dump credentials, and execute malware. Source: SecurityWeek.

FBI Shares IoCs for Recent Salesforce Intrusion Campaigns

2025-09-15 at 16:06, by Ionut Arghire. The cybercrime groups tracked as UNC6040 and UNC6395 have been extorting organizations after stealing data from their Salesforce instances. Source: SecurityWeek.

Apple Sends Fresh Wave of Spyware Notifications to French Users

2025-09-12 at 15:22, by Ionut Arghire. Apple this year sent at least four rounds of notifications to French users potentially targeted by commercial spyware. Source: SecurityWeek.

Exposed Docker APIs Likely Exploited to Build Botnet

2025-09-09 at 17:07, by Ionut Arghire. Hackers mount the host’s file system into fresh containers, fetch malicious scripts over the Tor network, and block access to the Docker API. Source: SecurityWeek.

China-Linked Hackers Hijack Web Traffic to Deliver Backdoor

2025-08-27 at 19:24, by Ionut Arghire. Google researchers say China-linked UNC6384 combined social engineering, signed malware, and adversary-in-the-middle attacks to evade detection. Source: SecurityWeek.

Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime

2025-08-27 at 15:46, by Kevin Townsend. Competition among malware-as-a-service developers has transformed infostealers into refined, accessible tools for cybercriminals worldwide. Source: SecurityWeek.

PromptLock: First AI-Powered Ransomware Emerges

2025-08-27 at 14:51, by Ionut Arghire. Proof-of-concept ransomware uses AI models to generate attack scripts in real time. Source: SecurityWeek.

Anatsa Android Banking Trojan Now Targeting 830 Financial Apps

2025-08-25 at 14:33, by Ionut Arghire. The Anatsa Android banking trojan has expanded its target list to new countries and more cryptocurrency applications. Source: SecurityWeek.

Hundreds Targeted in New Atomic macOS Stealer Campaign

2025-08-22 at 11:57, by Ionut Arghire. Between June and August, over 300 entities were targeted with the Atomic macOS Stealer via malvertising. Source: SecurityWeek.

Microsoft Dissects PipeMagic Modular Backdoor

2025-08-19 at 17:07, by Ionut Arghire. PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility. Source: SecurityWeek.

In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment

2025-08-08 at 16:42, by SecurityWeek News. Noteworthy stories that might have slipped under the radar: federal court filing system hack, Chanel data breach, emergency CISA directive. Source: SecurityWeek.

Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware

2025-08-05 at 19:12, by Eduard Kovacs. Microsoft has unveiled Project Ire, a prototype autonomous AI agent that can analyze any software file to determine if it’s malicious. Source: SecurityWeek.

Sophisticated Koske Linux Malware Developed With AI Aid

2025-07-25 at 14:43, by Eduard Kovacs. The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity. Source: SecurityWeek.

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

2025-07-24 at 12:35, by Eduard Kovacs. More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. Source: SecurityWeek.

Coyote Banking Trojan First to Abuse Microsoft UIA

2025-07-23 at 16:20, by Eduard Kovacs. Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data. Source: SecurityWeek.
