Malware

Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware

2026-06-19 at 15:11, by Sinisa Markovic. A cryptocurrency-stealing malware campaign used inflated GitHub activity, software reviews, YouTube tutorials and favorable VirusTotal comments to make malicious trading and gambling tools appear trustworthy, Check Point researchers found. According to the researchers, the attackers packaged the malware as […]


CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

2026-06-19 at 14:19, by Ionut Arghire. CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution. The post CryptoBandits Malware Doubles as a Backdoor, Abuses Tor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned

2026-06-18 at 17:21, by Zeljka Zorz. SocGholish, an operation that’s been delivering malware to users via fake software updates, has suffered a major blow: the international law enforcement coalition behind Operation Endgame has taken down 106 of its servers and domains, and cleaned up nearly


Malware attacks strip Roblox developers of entire games

2026-06-18 at 15:41, by Sinisa Markovic. Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games on it. Successful games can generate substantial revenue through in-game purchases. Some developers


GentleKiller targets more than 400 security processes across 48 products

2026-06-18 at 12:00, by Anamarija Pogorelec. Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR)


Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

2026-06-17 at 13:38, by Ionut Arghire. The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control. The post Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


Cybercriminals mask malicious communications through Microsoft Teams relays

2026-06-16 at 17:22, by Sinisa Markovic. The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec. DragonForce is a ransomware-as-a-service operation that has been active since 2023.


Chinese hackers breached North American research institutions via REDCap servers

2026-06-15 at 21:41, by Sinisa Markovic. A China-linked cyber espionage operation targeted North American medical research institutions through compromised REDCap servers, using custom malware to gain persistent access and collect sensitive information, Google’s Threat Intelligence Group (GTIG) researchers found. UNC6508 exploits vulnerable REDCap servers GTIG


OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month

2026-06-11 at 16:00, by Kevin Townsend. Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques. The post OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month appeared first on


Infostealers Turn Millions of Devices Into Credential Theft Machines

2026-06-10 at 17:24, by Kevin Townsend. As attackers increasingly favor stolen credentials over exploits, infostealers have become a primary source of access for ransomware and other cybercrime operations. The post Infostealers Turn Millions of Devices Into Credential Theft Machines appeared first on SecurityWeek. This article is


Malware ships with bugs that defenders could use against it

2026-06-09 at 08:46, by Anamarija Pogorelec. Static analysis tools have spent years scanning legitimate software for security bugs before it goes out the door. The same scanners work on malware, and malware carries a steady supply of its own bugs. Researchers ran four of these


52% of direct-to-IP threats are missing from intelligence feeds

2026-06-08 at 07:00, by Anamarija Pogorelec. Security tools are good at inspecting websites, domains, URLs, and files, so attackers are moving lower in the stack and communicating directly with IP addresses, where visibility is limited. According to Palo Alto Networks’ report, this creates a visibility gap


Malware campaign targeting Minecraft users infects over 116,000 systems

2026-06-03 at 20:20, by Sinisa Markovic. A Malware-as-a-Service (MaaS) operation named WeedHack is targeting Minecraft users and allows threat actors to gain remote access to victims’ screens, webcams, and files through a web-based dashboard, McAfee researchers found. Minecraft, developed by Mojang Studios and released in 2011,


Sophos uncovers AI-powered malware lab built for EDR evasion

2026-06-02 at 15:47, by Sinisa Markovic. A threat actor used AI technologies to build a malware-testing framework for developing and refining endpoint detection and response (EDR) evasion techniques, according to Sophos. The investigation began after an anomalous endpoint in a customer environment triggered alerts tied to


Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks

2026-05-29 at 06:17, by Kevin Townsend. Researchers warn GreyVibe’s extensive use of ChatGPT, Gemini, and other AI tools offers a glimpse into how future cybercriminal and state-aligned groups will operate. The post Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks appeared first on SecurityWeek. This article is


New BTMOB Android Malware Enables Full Device Takeover

2026-05-28 at 16:05, by Ionut Arghire. Delivered via phishing lures, the malware combines financial theft with data exfiltration and remote access. The post New BTMOB Android Malware Enables Full Device Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight

2026-05-27 at 09:24, by rohansinhacyblecom. Executive Summary: Cyble Research and Intelligence Labs (CRIL) has identified a novel Android banking trojan, dubbed OverlayPhantom, actively distributed in the wild via malicious URLs. The malware employs a two-stage infection chain, using a dropper application that impersonates trusted platforms, including


Laravel-Lang Packages Poisoned for Malware Delivery

2026-05-25 at 15:31, by Ionut Arghire. Published within a 15-minute window, the malicious tags introduced backdoors to exfiltrate CI secrets. The post Laravel-Lang Packages Poisoned for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


JOMANGY: INJ3CTOR3’s Self-Healing FreePBX Toll Fraud Campaign

2026-05-21 at 16:56, by rohansinhacyblecom. Executive Summary: Cyble Research & Intelligence Labs (CRIL) has identified an active FreePBX exploitation campaign, with high confidence tied to INJ3CTOR3, an actor with a documented history of targeting VoIP infrastructure for financial gain since 2019. The campaign deploys a multi-stage Bash dropper


Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’ 

2026-05-19 at 19:07, by Eduard Kovacs. Fox Tempest provides a service that cybercriminals use to distribute ransomware and other malware disguised as legitimate software. The post Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’ appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

