Malware & Threats

Vendor Says Daemon Tools Supply Chain Attack Contained

Vendor Says Daemon Tools Supply Chain Attack Contained 2026-05-07 at 17:33 By Ionut Arghire The software developer has identified the impacted systems, removed potentially compromised files, and validated installation packages. The post Vendor Says Daemon Tools Supply Chain Attack Contained appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Vendor Says Daemon Tools Supply Chain Attack Contained Read More »

Sophisticated Quasar Linux RAT Targets Software Developers

Sophisticated Quasar Linux RAT Targets Software Developers 2026-05-06 at 13:00 By Ionut Arghire The persistent, evasive implant provides remote access, surveillance, and credential exfiltration capabilities. The post Sophisticated Quasar Linux RAT Targets Software Developers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Sophisticated Quasar Linux RAT Targets Software Developers Read More »

Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack

Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack 2026-05-06 at 12:03 By Ionut Arghire While trojanized Daemon Tools versions were installed worldwide, a sophisticated backdoor was dropped only on a dozen systems. The post Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt

Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack Read More »

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption 2026-05-01 at 15:18 By Ionut Arghire The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage. The post Sophisticated Deep#Door Backdoor Enables Espionage, Disruption appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption Read More »

Hugging Face, ClawHub Abused for Malware Distribution

Hugging Face, ClawHub Abused for Malware Distribution 2026-05-01 at 11:41 By Ionut Arghire Threat actors are relying on social engineering to lure users into downloading files containing malicious instructions. The post Hugging Face, ClawHub Abused for Malware Distribution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hugging Face, ClawHub Abused for Malware Distribution Read More »

SAP NPM Packages Targeted in Supply Chain Attack

SAP NPM Packages Targeted in Supply Chain Attack 2026-04-30 at 17:35 By Ionut Arghire The Mini Shai-Hulud attack introduced a preinstall hook to fetch and execute a Bun binary and bypass security monitoring. The post SAP NPM Packages Targeted in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

SAP NPM Packages Targeted in Supply Chain Attack Read More »

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware 2026-04-28 at 17:12 By Ionut Arghire Over 70 cloned Open VSX extensions are likely sleeper extensions designed to distribute malware. The post Dozens of Open VSX Extension Clones Linked to GlassWorm Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware Read More »

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware 2026-04-27 at 13:55 By Ionut Arghire The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access. The post UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware appeared first on SecurityWeek. This article is an

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware Read More »

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access 2026-04-27 at 13:18 By Ionut Arghire A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages. The post Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access Read More »

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks 2026-04-25 at 14:57 By Ionut Arghire Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors. The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks Read More »

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions 2026-04-24 at 19:09 By Ionut Arghire It targeted high-precision calculation software to tamper with results and packed a self-propagation mechanism. The post Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions Read More »

US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor

US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor 2026-04-24 at 14:35 By Ionut Arghire The malware provides remote access and control of infected devices and maintains post-patching persistence. The post US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor Read More »

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention 

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention  2026-04-22 at 15:49 By Ionut Arghire Dubbed Lotus Wiper, the malware targets recovery mechanisms, overwrites drives, and systematically deletes files. The post New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention  Read More »

Mirai Botnet Targets Flaw in Discontinued D-Link Routers

Mirai Botnet Targets Flaw in Discontinued D-Link Routers 2026-04-22 at 14:47 By Ionut Arghire The exploitation of the command injection vulnerability started one year after public disclosure and PoC exploit code publication. The post Mirai Botnet Targets Flaw in Discontinued D-Link Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Mirai Botnet Targets Flaw in Discontinued D-Link Routers Read More »

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals 2026-04-22 at 13:47 By Eduard Kovacs Researchers discovered a remote code execution vulnerability and cybercriminals are using its reputation to deliver malware. The post Google Antigravity in Crosshairs of Security Researchers, Cybercriminals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals Read More »

Dozens of Malicious Crypto Apps Land in Apple App Store

Dozens of Malicious Crypto Apps Land in Apple App Store 2026-04-21 at 17:36 By Ionut Arghire Masquerading as popular cryptocurrency wallets, the apps can hijack recovery phrases and private keys. The post Dozens of Malicious Crypto Apps Land in Apple App Store appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Dozens of Malicious Crypto Apps Land in Apple App Store Read More »

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon Malware Targets ICS in Water Facilities 2026-04-17 at 14:32 By Eduard Kovacs The malware is configured to operate on systems associated with Israeli water treatment and desalination plants. The post ZionSiphon Malware Targets ICS in Water Facilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ZionSiphon Malware Targets ICS in Water Facilities Read More »

100 Chrome Extensions Steal User Data, Create Backdoor

100 Chrome Extensions Steal User Data, Create Backdoor 2026-04-15 at 16:34 By Ionut Arghire Published through five accounts, the extensions appear part of a coordinated campaign based on shared C&C infrastructure. The post 100 Chrome Extensions Steal User Data, Create Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

100 Chrome Extensions Steal User Data, Create Backdoor Read More »

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks 2026-04-15 at 14:29 By Eduard Kovacs Researchers found adware capable of killing cybersecurity products and pushing more dangerous payloads to infected systems. The post $10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks appeared first on

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks Read More »

Scroll to Top