Malware & Threats

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads 2026-04-13 at 15:44 By Eduard Kovacs Download links were replaced by a Russian-speaking threat actor to distribute a recently emerged malware named STX RAT. The post CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads Read More »

Evasive Masjesu DDoS Botnet Targets IoT Devices

Evasive Masjesu DDoS Botnet Targets IoT Devices 2026-04-08 at 15:06 By Ionut Arghire Focused on persistence, the botnet does not engage in widespread infection and avoids blacklisted IPs and critical infrastructure entities. The post Evasive Masjesu DDoS Botnet Targets IoT Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Evasive Masjesu DDoS Botnet Targets IoT Devices Read More »

US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking

US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking 2026-04-08 at 15:06 By Eduard Kovacs The APT28 threat group exploited vulnerable TP-Link and MikroTik routers to conduct adversary-in-the-middle (AitM) attacks. The post US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking appeared first on SecurityWeek. This article is an excerpt from

US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking Read More »

Guardarian Users Targeted With Malicious Strapi NPM Packages

Guardarian Users Targeted With Malicious Strapi NPM Packages 2026-04-06 at 15:32 By Ionut Arghire Hackers published 36 NPM packages posing as Strapi plugins to execute shells, escape containers, and harvest credentials. The post Guardarian Users Targeted With Malicious Strapi NPM Packages appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Guardarian Users Targeted With Malicious Strapi NPM Packages Read More »

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware 2026-04-03 at 17:52 By SecurityWeek News Other noteworthy stories that might have slipped under the radar: Symantec vulnerability, anti-ClickFix mechanism added to macOS, FBI hack classified as major incident. The post In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware Read More »

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

React2Shell Exploited in Large-Scale Credential Harvesting Campaign 2026-04-03 at 14:30 By Ionut Arghire Using automated scanning and the Nexus Listener collection framework, the hackers compromised over 750 systems. The post React2Shell Exploited in Large-Scale Credential Harvesting Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React2Shell Exploited in Large-Scale Credential Harvesting Campaign Read More »

New DeepLoad Malware Dropped in ClickFix Attacks

New DeepLoad Malware Dropped in ClickFix Attacks 2026-04-01 at 18:46 By Ionut Arghire The malware steals credentials, installs a malicious browser extension, and can spread via USB drives. The post New DeepLoad Malware Dropped in ClickFix Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

New DeepLoad Malware Dropped in ClickFix Attacks Read More »

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Venom Stealer Raises Stakes With Continuous Credential Harvesting 2026-03-31 at 17:56 By Kevin Townsend Licensed malware with built-in persistence and automation enables attackers to continuously siphon credentials, session data, and cryptocurrency assets. The post Venom Stealer Raises Stakes With Continuous Credential Harvesting appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Venom Stealer Raises Stakes With Continuous Credential Harvesting Read More »

Telnyx Targeted in Growing TeamPCP Supply Chain Attack

Telnyx Targeted in Growing TeamPCP Supply Chain Attack 2026-03-30 at 14:26 By Ionut Arghire Two malicious versions of the popular SDK were uploaded to the PyPI registry, targeting Windows, macOS, and Linux. The post Telnyx Targeted in Growing TeamPCP Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Telnyx Targeted in Growing TeamPCP Supply Chain Attack Read More »

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs 2026-03-28 at 15:40 By Ionut Arghire The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer. The post Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs Read More »

Alleged RedLine Malware Administrator Extradited to US

Alleged RedLine Malware Administrator Extradited to US 2026-03-26 at 12:06 By Eduard Kovacs Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer malware. The post Alleged RedLine Malware Administrator Extradited to US appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Alleged RedLine Malware Administrator Extradited to US Read More »

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI 2026-03-25 at 14:00 By Ionut Arghire The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$. The post From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI appeared

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI Read More »

Stryker Says Malicious File Found During Probe Into Iran-Linked Attack

Stryker Says Malicious File Found During Probe Into Iran-Linked Attack 2026-03-24 at 11:30 By Eduard Kovacs The FBI has published an alert describing the malware used by Iranian government hackers. The post Stryker Says Malicious File Found During Probe Into Iran-Linked Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Stryker Says Malicious File Found During Probe Into Iran-Linked Attack Read More »

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russian APT Exploits Zimbra Vulnerability Against Ukraine 2026-03-19 at 16:53 By Ionut Arghire Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Russian APT Exploits Zimbra Vulnerability Against Ukraine Read More »

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach 2026-03-18 at 14:49 By Eduard Kovacs The medtech giant has been working on restoring systems affected by the cyberattack conducted by the Handala hackers. The post Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach Read More »

174 Vulnerabilities Targeted by RondoDox Botnet

174 Vulnerabilities Targeted by RondoDox Botnet 2026-03-17 at 14:47 By Ionut Arghire The botnet has increased its activity, peaking at 15,000 exploitation attempts per day, and taking a more targeted approach. The post 174 Vulnerabilities Targeted by RondoDox Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

174 Vulnerabilities Targeted by RondoDox Botnet Read More »

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Threat Actor Targeting VPN Users in New Credential Theft Campaign 2026-03-16 at 14:28 By Ionut Arghire Storm-2561 is distributing fake VPN clients through SEO poisoning, deploying trojans, and stealing login information. The post Threat Actor Targeting VPN Users in New Credential Theft Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Threat Actor Targeting VPN Users in New Credential Theft Campaign Read More »

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath 2026-03-16 at 13:51 By Ionut Arghire Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. The post ForceMemo: Python Repositories Compromised in GlassWorm Aftermath appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath Read More »

Scroll to Top