Malware & Threats

Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks

Adobe, Adobe Commerce, Malware & Threats, Patch Tuesday, Photoshop, remote code execution, Vulnerabilities /

Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks 2025-02-11 at 21:33 By Ryan Naraine Patch Tuesday: Adobe patches 45 vulnerabilities across multiple products and warn of remote code execution exploitation risks. The post Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks appeared first on SecurityWeek. This article is an […]

React to this headline:

Loading spinner

Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks Read More »

Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack 

apple, Citizen Lab, CVE-2025-24200, iOS, iOS 18.3.1, Malware & Threats, Nation-State, USB Restricted Mode /

Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack  2025-02-10 at 22:01 By Ryan Naraine Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.”  The post Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack  Read More »

Can AI Early Warning Systems Reboot the Threat Intel Industry?

APT, Artificial Intelligence, China, Google, Iran, Malware & Threats, Microsoft, North Korea, OpenAI, Threat Intelligence /

Can AI Early Warning Systems Reboot the Threat Intel Industry? 2025-02-10 at 13:02 By Ryan Naraine News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this help save the threat intel industry? The post Can AI Early Warning Systems Reboot the

React to this headline:

Loading spinner

Can AI Early Warning Systems Reboot the Threat Intel Industry? Read More »

1,000 Apps Used in Malicious Campaign Targeting Android Users in India

cybercrime, FatBoyPanel, Malware & Threats, multi-factor authentication, Zimperium /

1,000 Apps Used in Malicious Campaign Targeting Android Users in India 2025-02-06 at 20:34 By Ionut Arghire Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications. The post 1,000 Apps Used in Malicious Campaign Targeting Android Users in India appeared first

React to this headline:

Loading spinner

1,000 Apps Used in Malicious Campaign Targeting Android Users in India Read More »

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

7-Zip, exploited, Malware & Threats, Russia, Ukraine, Zero-Day /

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine 2025-02-05 at 14:09 By Ionut Arghire Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine Read More »

22 New Mac Malware Families Seen in 2024

macOS malware, Malware, Malware & Threats /

22 New Mac Malware Families Seen in 2024 2025-02-04 at 19:03 By Eduard Kovacs Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware.  The post 22 New Mac Malware Families Seen in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

22 New Mac Malware Families Seen in 2024 Read More »

Developers Targeted With Malware Disguised as DeepSeek Package

DeepSeek, Malware, Malware & Threats, PyPI, Python /

Developers Targeted With Malware Disguised as DeepSeek Package 2025-02-04 at 14:03 By Eduard Kovacs Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI. The post Developers Targeted With Malware Disguised as DeepSeek Package appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Developers Targeted With Malware Disguised as DeepSeek Package Read More »

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits

Fraud & Identity Theft, Intezer, Malware & Threats, Solis Security, VeraCore, XE Group /

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits 2025-02-03 at 19:49 By Ryan Naraine Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product. The post XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits Read More »

Casio Website Infected With Skimmer 

Casio, Malware & Threats, skimmer, web skimmer /

Casio Website Infected With Skimmer  2025-02-03 at 14:33 By Ionut Arghire A threat actor has infected Casio UK’s website with a web skimmer on all pages, except the typical checkout page. The post Casio Website Infected With Skimmer  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Casio Website Infected With Skimmer  Read More »

In Other News: Browser Syncjacking, Fake AWS Hack, Google Blocked 2M Bad Apps

In Other News, Malware & Threats /

In Other News: Browser Syncjacking, Fake AWS Hack, Google Blocked 2M Bad Apps 2025-01-31 at 19:18 By SecurityWeek News Noteworthy stories that might have slipped under the radar: stealing browser data via Syncjacking, hackers falsely claim AWS breach, Google prevented 2 million bad apps from reaching Google Play.  The post In Other News: Browser Syncjacking,

React to this headline:

Loading spinner

In Other News: Browser Syncjacking, Fake AWS Hack, Google Blocked 2M Bad Apps Read More »

VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products

Aria Operations, CVE-2025-22218, CVE-2025-22222, Malware & Threats, VMWare, Vulnerabilities /

VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products 2025-01-30 at 21:23 By Ryan Naraine VMWare calls attention to patches for multiple ‘high-risk’ security defects in its Aria Operations and Aria Operations for Logs products. The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products Read More »

New Zyxel Zero-Day Under Attack, No Patch Available

Censys, CVE-2024-40891, GreyNoise, Malware & Threats, Vulnerabilities, Zyxel /

New Zyxel Zero-Day Under Attack, No Patch Available 2025-01-29 at 18:21 By Ryan Naraine GreyNoise reports active exploitation of a newly discovered zero-day vulnerability in Zyxel CPE devices. There are no patches available. The post New Zyxel Zero-Day Under Attack, No Patch Available appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

New Zyxel Zero-Day Under Attack, No Patch Available Read More »

Aquabot Botnet Targeting Vulnerable Mitel Phones

Aquabot, botnet, exploited, Malware & Threats, Mirai, Mitel /

Aquabot Botnet Targeting Vulnerable Mitel Phones 2025-01-29 at 14:18 By Ionut Arghire The Mirai-based Aquabot botnet has been targeting a vulnerability in Mitel SIP phones for which a proof-of-concept (PoC) exploit exists. The post Aquabot Botnet Targeting Vulnerable Mitel Phones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Aquabot Botnet Targeting Vulnerable Mitel Phones Read More »

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer

Avi Load Balancer, Malware & Threats, SQL injection, VMWare, Vulnerabilities /

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer 2025-01-28 at 23:03 By Ryan Naraine VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access. The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared

React to this headline:

Loading spinner

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer Read More »

Eclypsium Eyes Global Expansion with $45 Million Series C Investment

CISA, Eclypsium, firmware, Funding/M&A, Malware & Threats, Qualcomm Ventures, Series B /

Eclypsium Eyes Global Expansion with $45 Million Series C Investment 2025-01-28 at 18:03 By SecurityWeek News The investment includes equity and debt from new investors Qualcomm Ventures, Pavilion Capital, Singtel Innov8, and Sixty Degree Capital.  The post Eclypsium Eyes Global Expansion with $45 Million Series C Investment appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Eclypsium Eyes Global Expansion with $45 Million Series C Investment Read More »

In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies

In Other News, Malware & Threats /

In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies 2025-01-24 at 18:01 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York for $2 million, trojanized RAT builder targets script kiddies.   The post In Other News: VPN

React to this headline:

Loading spinner

In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies Read More »

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI

Malware & Threats, PyPI, Python /

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI 2024-10-02 at 15:46 By Ionut Arghire Multiple Python packages referencing dependencies containing cryptocurrency-stealing code were published to PyPI. The post Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI Read More »

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors

Malware, Malware & Threats /

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors 2024-09-26 at 15:01 By Ionut Arghire A malicious campaign is targeting transportation and logistics organizations in North America with various malware families. The post US Transportation and Logistics Firms Targeted With Infostealers, Backdoors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors Read More »

AI-Generated Malware Found in the Wild

AI, Artificial Intelligence, Featured, Malware, Malware & Threats /

AI-Generated Malware Found in the Wild 2024-09-24 at 20:16 By Kevin Townsend HP has intercepted an email campaign comprising a standard malware payload delivered by an AI-generated dropper. The post AI-Generated Malware Found in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

AI-Generated Malware Found in the Wild Read More »

Necro Trojan Infects Google Play Apps With Millions of Downloads

Android, Android trojan, Google Play, Malware & Threats, Necro, Wuta Camera /

Necro Trojan Infects Google Play Apps With Millions of Downloads 2024-09-23 at 19:16 By Ionut Arghire The Necro trojan was found in two Android applications in Google Play with a combined downloads count of over 11 million. The post Necro Trojan Infects Google Play Apps With Millions of Downloads appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Necro Trojan Infects Google Play Apps With Millions of Downloads Read More »

Scroll to Top