Malware & Threats - Security Ticks

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

GlassWorm, Mac malware, Malware, Malware & Threats, Supply Chain Security / SecurityTicks

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack 2026-02-02 at 16:18 By Ionut Arghire A hacker published malicious versions of four established VS Code extensions to distribute a GlassWorm malware loader. The post Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack Read More »

Cyber Insights 2026: Malware and Cyberattacks in the Age of AI

AI, CyberInsights2026, Malware, Malware & Threats / SecurityTicks

Cyber Insights 2026: Malware and Cyberattacks in the Age of AI 2026-02-02 at 14:03 By Kevin Townsend Security leaders share how artificial intelligence is changing malware, ransomware, and identity-led intrusions, and how defenses must evolve. The post Cyber Insights 2026: Malware and Cyberattacks in the Age of AI appeared first on SecurityWeek. This article is

Cyber Insights 2026: Malware and Cyberattacks in the Age of AI Read More »

Over 1,400 MongoDB Databases Ransacked by Threat Actor

Malware & Threats, MongoDB, Ransomware / SecurityTicks

Over 1,400 MongoDB Databases Ransacked by Threat Actor 2026-02-02 at 13:58 By Ionut Arghire Of 3,100 unprotected MongoDB instances, half remain compromised, most of them by a single threat actor. The post Over 1,400 MongoDB Databases Ransacked by Threat Actor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Over 1,400 MongoDB Databases Ransacked by Threat Actor Read More »

eScan Antivirus Delivers Malware in Supply Chain Attack

antivirus, eScan, Featured, Malware, Malware & Threats, supply chain, supply chain attack, Supply Chain Security / SecurityTicks

eScan Antivirus Delivers Malware in Supply Chain Attack 2026-01-31 at 17:24 By Ionut Arghire Hackers compromised a MicroWorld Technologies update server and fed a malicious file to eScan customers. The post eScan Antivirus Delivers Malware in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

eScan Antivirus Delivers Malware in Supply Chain Attack Read More »

Hugging Face Abused to Deploy Android RAT

Android trojan, Hugging Face, Malware, Malware & Threats, RAT / SecurityTicks

Hugging Face Abused to Deploy Android RAT 2026-01-30 at 13:38 By Ionut Arghire Android users were lured to applications that served a malicious payload hosted in a Hugging Face repository. The post Hugging Face Abused to Deploy Android RAT appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hugging Face Abused to Deploy Android RAT Read More »

LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’

AI, Artificial Intelligence, LLM, LLMjacking, Malware & Threats, Operation Bizarre Bazaar / SecurityTicks

LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’ 2026-01-29 at 17:29 By Ionut Arghire An LLMjacking operation has been targeting exposed LLMs and MCPs at scale, for commercial monetization. The post LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’ appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’ Read More »

Google Disrupts IPIDEA Proxy Network

disrupted, Featured, Google, IPIDEA, Malware & Threats, Proxy / SecurityTicks

Google Disrupts IPIDEA Proxy Network 2026-01-29 at 13:42 By Ionut Arghire One of the largest residential proxy networks, IPIDEA enrolled devices through SDKs for mobile and desktop. The post Google Disrupts IPIDEA Proxy Network appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Disrupts IPIDEA Proxy Network Read More »

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

exploited, Malware & Threats, Vulnerabilities, WinRAR / SecurityTicks

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability 2026-01-28 at 12:06 By Ionut Arghire Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025. The post APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability Read More »

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

Artificial Intelligence, browser extension, ChatGPT, Chrome, extension, Malware & Threats / SecurityTicks

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions 2026-01-27 at 15:49 By Ionut Arghire Marketed as ChatGPT enhancement and productivity tools, the extensions allow the threat actor to access the victim’s ChatGPT data. The post Chrome, Edge Extensions Caught Stealing ChatGPT Sessions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions Read More »

‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing

Malware, Malware & Threats, phishing, spoofing, Stanley / SecurityTicks

‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing 2026-01-26 at 14:37 By Ionut Arghire Priced $2,000 – $6,000 on a cybercrime forum, the MaaS toolkit promises publication on the Chrome Web Store. The post ‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing Read More »

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid

energy, ICS, ICS/OT, Malware, Malware & Threats, Nation-State, poland, power grid, Sandworm / SecurityTicks

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid 2026-01-26 at 10:55 By Ionut Arghire 10 years after disrupting the Ukrainian power grid, the APT targeted Poland with data-wiping malware. The post Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid Read More »

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

macOS malware, Malware, Malware & Threats, North Korea, VS Code / SecurityTicks

North Korean Hackers Target macOS Developers via Malicious VS Code Projects 2026-01-21 at 15:23 By Ionut Arghire The hackers trick victims into accessing GitHub or GitLab repositories that are opened using Visual Studio Code. The post North Korean Hackers Target macOS Developers via Malicious VS Code Projects appeared first on SecurityWeek. This article is an

North Korean Hackers Target macOS Developers via Malicious VS Code Projects Read More »

APT-Grade PDFSider Malware Used by Ransomware Groups

DLL hijacking, DLL sideloading, Malware, Malware & Threats, PDFSider / SecurityTicks

APT-Grade PDFSider Malware Used by Ransomware Groups 2026-01-20 at 14:24 By Ionut Arghire Providing cyberespionage and remote code execution capabilities, the malware is executed via DLL sideloading. The post APT-Grade PDFSider Malware Used by Ransomware Groups appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

APT-Grade PDFSider Malware Used by Ransomware Groups Read More »

‘SolyxImmortal’ Information Stealer Emerges

infostealer, Malware, Malware & Threats, SolyxImmortal / SecurityTicks

‘SolyxImmortal’ Information Stealer Emerges 2026-01-19 at 17:21 By Ionut Arghire The information stealer abuses legitimate APIs and libraries to exfiltrate data to Discord webhooks. The post ‘SolyxImmortal’ Information Stealer Emerges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

‘SolyxImmortal’ Information Stealer Emerges Read More »

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

ClickFix, CrashFix, Malware & Threats, RAT / SecurityTicks

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’ 2026-01-19 at 13:14 By Ionut Arghire Posing as an ad blocker, the malicious extension crashes the browser to lure victims into installing malware. The post Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’ appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’ Read More »

VoidLink Linux Malware Framework Targets Cloud Environments

cloud malware, Linux malware, Malware & Threats, VoidLink / SecurityTicks

VoidLink Linux Malware Framework Targets Cloud Environments 2026-01-15 at 11:58 By Ionut Arghire Designed for long-term access, the framework targets cloud and container environments with loaders, implants, and rootkits. The post VoidLink Linux Malware Framework Targets Cloud Environments appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

VoidLink Linux Malware Framework Targets Cloud Environments Read More »

Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits

Featured, intellexa, Malware & Threats, Pegasus, Predator, spyware, threat detection / SecurityTicks

Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits 2026-01-14 at 16:03 By Kevin Townsend The Predator spyware is more sophisticated and dangerous than previously realized. The post Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits Read More »

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects

botnet, GoBruteforcer, Malware, Malware & Threats / SecurityTicks

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects 2026-01-13 at 20:08 By Ionut Arghire The botnet’s propagation is fueled by the AI-generated server deployments that use weak credentials, and legacy web stacks. The post GoBruteforcer Botnet Targeting Crypto, Blockchain Projects appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects Read More »

Russia’s APT28 Targeting Energy Research, Defense Collaboration Entities

APT28, Government, Malware & Threats, Russia / SecurityTicks

Russia’s APT28 Targeting Energy Research, Defense Collaboration Entities 2026-01-12 at 14:39 By Ionut Arghire APT28 was seen impersonating popular webmail and VPN services, including Microsoft OWA, Google, and Sophos VPN portals. The post Russia’s APT28 Targeting Energy Research, Defense Collaboration Entities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Russia’s APT28 Targeting Energy Research, Defense Collaboration Entities Read More »

FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes

FBI, Kimsuky, Malware & Threats, North Korea, QR code, quishing, spear-phishing / SecurityTicks

FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes 2026-01-09 at 17:34 By Ionut Arghire The North Korean state-sponsored espionage group Kimsuky has targeted government organizations, think tanks, and academic institutions. The post FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes Read More »