Malware & Threats

Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack

Malware & Threats, NPM, RAT, supply chain /

Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack 2025-05-09 at 17:32 By Ionut Arghire Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor. The post Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

React to this headline:

Loading spinner

Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack Read More »

Malicious NPM Packages Target Cursor AI’s macOS Users

Cursor AI, Malware, Malware & Threats, NPM /

Malicious NPM Packages Target Cursor AI’s macOS Users 2025-05-09 at 16:12 By Ionut Arghire Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor. The post Malicious NPM Packages Target Cursor AI’s macOS Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Malicious NPM Packages Target Cursor AI’s macOS Users Read More »

Google Finds Data Theft Malware Used by Russian APT in Select Cases

Google, LostKeys, Malware, Malware & Threats, Russia, Star Blizzard /

Google Finds Data Theft Malware Used by Russian APT in Select Cases 2025-05-08 at 15:04 By Ionut Arghire Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware. The post Google Finds Data Theft Malware Used by Russian APT in Select Cases appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Google Finds Data Theft Malware Used by Russian APT in Select Cases Read More »

Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack

lawsuit, Malware & Threats, Meta, nso group, spyware, WhatsApp /

Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack 2025-05-07 at 14:35 By Eduard Kovacs Meta has won its WhatsApp hacking lawsuit against Israeli spyware company NSO Group in an “important step forward for privacy and security”. The post Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack appeared first on

React to this headline:

Loading spinner

Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack Read More »

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down

In Other News, Malware & Threats /

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down 2025-05-02 at 15:23 By SecurityWeek News Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. The post In Other News: NullPoint Source Code

React to this headline:

Loading spinner

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down Read More »

Chinese APT’s Adversary-in-the-Middle Tool Dissected

AitM, China, Malware, Malware & Threats, TheWizards /

Chinese APT’s Adversary-in-the-Middle Tool Dissected 2025-05-01 at 14:18 By Ionut Arghire ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor. The post Chinese APT’s Adversary-in-the-Middle Tool Dissected appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Chinese APT’s Adversary-in-the-Middle Tool Dissected Read More »

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances 

Data Breaches, DBIR, Fortinet, Incident Response, Ivanti, Malware & Threats, Ransomware, SonicWall, Verizon /

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  2025-04-24 at 18:12 By Ryan Naraine The latest Verizon DBIR landed this week with a startling statistic about the security posture of VPNs and network edge devices. The post Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  Read More »

Many Malware Campaigns Linked to Proton66 Network

ASN, bulletproof hosting, Malware, Malware & Threats, Proton66 /

Many Malware Campaigns Linked to Proton66 Network 2025-04-22 at 14:33 By Ionut Arghire Security researchers detail various malware campaigns that use bulletproof services linked to Proton66 ASN. The post Many Malware Campaigns Linked to Proton66 Network appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Many Malware Campaigns Linked to Proton66 Network Read More »

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature

Bybit, Cryptocurrency, Fraud & Identity Theft, Lazarus, Malware & Threats, North Korea, social engineering, Zoom /

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature 2025-04-21 at 19:02 By Ryan Naraine North Korean cryptocurrency thieves abusing Zoom Remote collaboration feature to target cryptocurrency traders with malware. The post North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature Read More »

MITRE Hackers’ Backdoor Has Targeted Windows for Years

backdoor, BrickStorm, China, Malware & Threats, MITRE /

MITRE Hackers’ Backdoor Has Targeted Windows for Years 2025-04-17 at 12:02 By Ionut Arghire Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years. The post MITRE Hackers’ Backdoor Has Targeted Windows for Years appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

MITRE Hackers’ Backdoor Has Targeted Windows for Years Read More »

Apple Quashes Two Zero-Days With iOS, MacOS Patches

apple, CVE-2025-31200, CVE-2025-31201, Featured, iOS 18.4.1, macOS, Malware & Threats, Vulnerabilities, Zero-Day /

Apple Quashes Two Zero-Days With iOS, MacOS Patches 2025-04-16 at 23:38 By Ryan Naraine The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms. The post Apple Quashes Two Zero-Days With iOS, MacOS Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Apple Quashes Two Zero-Days With iOS, MacOS Patches Read More »

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild

backdoor, BPFDoor, China, Malware, Malware & Threats /

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild 2025-04-16 at 14:55 By Ionut Arghire In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally. The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild Read More »

Microsoft Warns of Node.js Abuse for Malware Delivery

Malware, Malware & Threats, Node.js /

Microsoft Warns of Node.js Abuse for Malware Delivery 2025-04-16 at 14:01 By Eduard Kovacs In the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads. The post Microsoft Warns of Node.js Abuse for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Warns of Node.js Abuse for Malware Delivery Read More »

Conduent Says Names, Social Security Numbers Stolen in Cyberattack

conduent, Incident Response, Malware & Threats, Ransomware, Safepay, SEC /

Conduent Says Names, Social Security Numbers Stolen in Cyberattack 2025-04-15 at 17:34 By Ionut Arghire The business services provider confirms personal information such as names and Social Security numbers was stolen in a January cyberattack. The post Conduent Says Names, Social Security Numbers Stolen in Cyberattack appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Conduent Says Names, Social Security Numbers Stolen in Cyberattack Read More »

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities

CrushFTP, CVE-2025-30406, Gladinet, Malware & Threats, Supply Chain Security, Triofox /

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities 2025-04-14 at 20:31 By Ryan Naraine The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April. The post Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities Read More »

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations

cybercrime, Malware, Malware & Threats, Morphisec, ResolverRat /

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations 2025-04-14 at 16:49 By Ionut Arghire Organizations in the healthcare and pharmaceutical sectors have been targeted with ResolverRAT, a new malware family with advanced capabilities. The post New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations Read More »

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit

CVE-2022-42475, CVE-2023-27997, CVE-2024-21762, Fortinet, FortiOS, Malware & Threats, ThreatMon, Vulnerabilities /

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit 2025-04-14 at 16:49 By Ionut Arghire A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls. The post Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit Read More »

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle

Connect Secure, CVE-2025-22457, Incident Response, Ivanti, Malware & Threats, Mandiant, Rapid7, VPN, Vulnerabilities /

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle 2025-04-11 at 21:05 By Ryan Naraine The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices. The post Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle Read More »

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet

botnet, Europol, Malware & Threats, Operation Endgame, Smokeloader, Tracking & Law Enforcement, Trickbot /

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet 2025-04-10 at 18:16 By Ionut Arghire Law enforcement agencies in multiple countries have announced the arrests of users of the malicious Smokeloader botnet. The post Europol Targets Customers of Smokeloader Pay-Per-Install Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet Read More »

‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages

AkiraBot, Malware & Threats, SEO, spam /

‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages 2025-04-10 at 12:00 By Ionut Arghire CAPTCHA-evading Python framework AkiraBot has spammed over 80,000 websites with AI-generated spam messages. The post ‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages Read More »

Scroll to Top