Malware

Cloudflare Tunnels Abused in New Malware Campaign

2025-06-20 at 11:48, by Ionut Arghire. A threat actor is abusing Cloudflare Tunnels for the delivery of a Python loader as part of a complex infection chain. Source: SecurityWeek.

New Campaigns Distribute Malware via Open Source Hacking Tools

2025-06-19 at 15:40, by Ionut Arghire. Trend Micro and ReversingLabs uncovered over 100 GitHub accounts distributing malware embedded in open source hacking tools. Source: SecurityWeek.

New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack

2025-06-17 at 23:52, by Kevin Townsend. Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site. Source: SecurityWeek.

Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified

2025-06-12 at 11:15, by Eduard Kovacs. Interpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure. Source: SecurityWeek.

Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems

2025-06-09 at 16:35, by Ionut Arghire. Two malicious NPM packages contain code that would delete production systems when triggered with the right credentials. Source: SecurityWeek.

Destructive ‘PathWiper’ Targeting Ukraine’s Critical Infrastructure

2025-06-06 at 13:21, by Ionut Arghire. A Russia-linked threat actor has used the destructive malware dubbed PathWiper against a critical infrastructure organization in Ukraine. Source: SecurityWeek.

US Offering $10 Million Reward for RedLine Malware Developer

2025-06-06 at 11:48, by Eduard Kovacs. A reward is being offered for Maxim Alexandrovich Rudometov, who is accused of developing and managing the RedLine malware. Source: SecurityWeek.

Backdoored Open Source Malware Repositories Target Novice Cybercriminals

2025-06-05 at 16:32, by Ionut Arghire. A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters. Source: SecurityWeek.

Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift

2025-06-04 at 14:17, by Eduard Kovacs. Industrial giant Honeywell has published its 2025 Cybersecurity Threat Report with information on the latest trends. Source: SecurityWeek.

TikTok videos + ClickFix tactic = Malware infection

2025-05-23 at 15:53, by Zeljka Zorz. Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting published by a number of TikTok user accounts, seem AI-made, and are

DanaBot Botnet Disrupted, 16 Suspects Charged

2025-05-23 at 12:03, by Eduard Kovacs. The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted. Source: SecurityWeek.

Lumma Stealer Malware-as-a-Service operation disrupted

2025-05-21 at 21:21, by Zeljka Zorz. A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma Stealer is a Malware-as-a-Service offering beloved by a wide

Trojanized KeePass opens doors for ransomware attackers

2025-05-20 at 14:04, by Zeljka Zorz. A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set the stage for ransomware attacks, WithSecure researchers have discovered. KeeLoader: Password manager that acts as data stealer and malware loader. In February 2025, WithSecure’s

Printer Company Procolored Served Infected Software for Months

2025-05-19 at 19:46, by Ionut Arghire. Procolored’s public website served dozens of software downloads containing information stealer malware and a backdoor. Source: SecurityWeek.

Fake AI platforms deliver malware disguised as video content

2025-05-09 at 16:53, by Zeljka Zorz. A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an unusual twist, the threat actors are not disguising the malware as legitimate software, but

Malicious NPM Packages Target Cursor AI’s macOS Users

2025-05-09 at 16:12, by Ionut Arghire. Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor. Source: SecurityWeek.

The many variants of the ClickFix social engineering tactic

2025-05-08 at 18:50, by Zeljka Zorz. As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are trying to refine the two main elements: the lure and the “instruction” page. In the

Google Finds Data Theft Malware Used by Russian APT in Select Cases

2025-05-08 at 15:04, by Ionut Arghire. Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware. Source: SecurityWeek.

Chinese APT’s Adversary-in-the-Middle Tool Dissected

2025-05-01 at 14:18, by Ionut Arghire. ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor. Source: SecurityWeek.

Many Malware Campaigns Linked to Proton66 Network

2025-04-22 at 14:33, by Ionut Arghire. Security researchers detail various malware campaigns that use bulletproof services linked to Proton66 ASN. Source: SecurityWeek.
