Malware

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

ClickFix, Malware, phishing /

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix 2025-03-13 at 17:02 By Eduard Kovacs A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering. The post Microsoft Warns of Hospitality Sector Attacks Involving ClickFix appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix Read More »

DeepSeek’s Malware-Generation Capabilities Put to Test

AI, Artificial Intelligence, DeepSeek, Keylogger, Malware, Malware & Threats, Ransomware /

DeepSeek’s Malware-Generation Capabilities Put to Test 2025-03-13 at 15:01 By Eduard Kovacs Researchers have analyzed the ability of the Chinese gen-AI DeepSeek to create malware such as ransomware and keyloggers. The post DeepSeek’s Malware-Generation Capabilities Put to Test appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

DeepSeek’s Malware-Generation Capabilities Put to Test Read More »

New Ballista IoT Botnet Linked to Italian Threat Actor

Ballista, botnet, Malware, Malware & Threats /

New Ballista IoT Botnet Linked to Italian Threat Actor 2025-03-11 at 19:05 By Eduard Kovacs Cato Networks has analyzed a new IoT botnet named Ballista, which targets TP-Link Archer routers.   The post New Ballista IoT Botnet Linked to Italian Threat Actor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

New Ballista IoT Botnet Linked to Italian Threat Actor Read More »

Is your email or password among the 240+ million compromised by infostealers?

credentials, Don't miss, Hot stuff, Malware, News, passwords /

Is your email or password among the 240+ million compromised by infostealers? 2025-02-26 at 18:00 By Zeljka Zorz For the second time since the start of 2025, a huge number of login credentials extracted from infostealer logs has been added to the database powering the HaveIBeenPwned (HIBP) site and breach notification service. In January 2025,

Is your email or password among the 240+ million compromised by infostealers? Read More »

New ‘Auto-Color’ Linux Malware Targets North America, Asia

Auto-Color, Linux malware, Malware, Malware & Threats /

New ‘Auto-Color’ Linux Malware Targets North America, Asia 2025-02-26 at 15:40 By Eduard Kovacs New Linux malware named Auto-Color, which allows full remote access to compromised devices, targets North America and Asia. The post New ‘Auto-Color’ Linux Malware Targets North America, Asia appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

New ‘Auto-Color’ Linux Malware Targets North America, Asia Read More »

Hundreds of GitHub repos served up malware for years

Don't miss, GitHub, Hot stuff, Kaspersky, Malware, News /

Hundreds of GitHub repos served up malware for years 2025-02-26 at 13:13 By Zeljka Zorz Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying whether it’s malicious. “Over the course of the GitVenom campaign, the threat actors behind

Hundreds of GitHub repos served up malware for years Read More »

300% increase in endpoint malware detections

cybercrime, Malware, News, report, survey, threat, WatchGuard /

300% increase in endpoint malware detections 2025-02-20 at 07:04 By Help Net Security The third quarter of 2024 saw a dramatic shift in the types of malware detected at network perimeters, according to a new WatchGuard report. The report’s key findings include a 300% increase quarter over quarter of endpoint malware detections, highlighted by growing

300% increase in endpoint malware detections Read More »

New FrigidStealer macOS Malware Distributed as Fake Browser Update

FrigidStealer, macOS malware, Malware, Malware & Threats /

New FrigidStealer macOS Malware Distributed as Fake Browser Update 2025-02-19 at 14:33 By Ionut Arghire A recently identified macOS infostealer named FrigidStealer has been distributed through a compromised website, as a fake browser update. The post New FrigidStealer macOS Malware Distributed as Fake Browser Update appeared first on SecurityWeek. This article is an excerpt from

New FrigidStealer macOS Malware Distributed as Fake Browser Update Read More »

Cybercriminals shift focus to social media as attacks reach historic highs

attacks, cybercime, Don't miss, Gen Digital, Malware, News, report, social media, threats /

Cybercriminals shift focus to social media as attacks reach historic highs 2025-02-18 at 18:01 By Help Net Security A new report from Gen highlights a sharp rise in online threats, capping off a record-breaking 2024. Between October and December alone, 2.55 billion cyber threats were blocked – an astonishing rate of 321 per second. The

Cybercriminals shift focus to social media as attacks reach historic highs Read More »

Golang Backdoor Abuses Telegram for C&C Communication

backdoor, Malware, Malware & Threats /

Golang Backdoor Abuses Telegram for C&C Communication 2025-02-18 at 15:03 By Ionut Arghire A newly discovered Golang backdoor is abusing Telegram for communication with its command-and-control (C&C) server. The post Golang Backdoor Abuses Telegram for C&C Communication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Golang Backdoor Abuses Telegram for C&C Communication Read More »

Microsoft Warns of Improved XCSSET macOS Malware

macOS malware, Malware, Malware & Threats, XCSSET /

Microsoft Warns of Improved XCSSET macOS Malware 2025-02-18 at 13:33 By Ionut Arghire Microsoft has observed a new variant of the XCSSET malware being used in limited attacks against macOS users. The post Microsoft Warns of Improved XCSSET macOS Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Warns of Improved XCSSET macOS Malware Read More »

The XCSSET info-stealing malware is back, targeting macOS users and devs

Don't miss, Hot stuff, macOS, Malware, Microsoft, News, software development, Trend Micro, Xcode /

The XCSSET info-stealing malware is back, targeting macOS users and devs 2025-02-17 at 19:50 By Zeljka Zorz A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in information-stealing and backdoor-injecting malware targeting Mac users. It’s usually distributed via infected Xcode projects

The XCSSET info-stealing malware is back, targeting macOS users and devs Read More »

New FinalDraft Malware Spotted in Espionage Campaign

FinalDraft, Malware, Malware & Threats /

New FinalDraft Malware Spotted in Espionage Campaign 2025-02-17 at 15:49 By Ionut Arghire A newly identified malware family abuses the Outlook mail service for communication, via the Microsoft Graph API. The post New FinalDraft Malware Spotted in Espionage Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

New FinalDraft Malware Spotted in Espionage Campaign Read More »

North Korean hackers spotted using ClickFix tactic to deliver malware

Don't miss, Hot stuff, Malware, News, North Korea, PowerShell, social engineering, Windows /

North Korean hackers spotted using ClickFix tactic to deliver malware 2025-02-13 at 18:34 By Zeljka Zorz North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A relatively new tactic The ClickFix social engineering tactic has been dubbed thus

North Korean hackers spotted using ClickFix tactic to deliver malware Read More »

Over 3 million Fortune 500 employee accounts compromised since 2022

credentials, cybercrime, Don't miss, Enzoic, Malware, News, report, survey /

Over 3 million Fortune 500 employee accounts compromised since 2022 2025-02-13 at 07:03 By Help Net Security More than three million employee-linked corporate accounts were compromised between 2022 and 2024 across Fortune 500 companies, according to Enzoic. This surge is fueled by the widespread use of corporate email addresses for personal accounts and the growing

Over 3 million Fortune 500 employee accounts compromised since 2022 Read More »

BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites

infostealer, Malware, phishing /

BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites 2025-02-13 at 06:19 By rohansinhacyblecom Key Takeaways Overview On January 31, 2025, Cyble Research and Intelligence Labs (CRIL) identified a sample lnat-tv-pro.apk (13341c5171c34d846f6d0859e8c45d8a898eb332da41ab62bcae7519368d2248) being distributed via a phishing site “hxxps://tvipguncelpro[.]com/” impersonating iNat TV – online streaming platform from Turkey posing a serious threat to unsuspecting

BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites Read More »

OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20 Million Credentials

data breach, Data Breaches, infostealer, Malware, OpenAI /

OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20 Million Credentials 2025-02-11 at 13:40 By Eduard Kovacs A hacker recently offered to sell 20 million OpenAI credentials, but the data likely comes from information stealers, not the AI firm’s systems. The post OpenAI Finds No Evidence of Breach After Hacker Offers to

OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20 Million Credentials Read More »

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

Don't miss, Hot stuff, IIS server, Malware, Microsoft, News, web application security, web shell /

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys 2025-02-07 at 14:22 By Zeljka Zorz A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating, remediating, and building protections against this activity, we observed an insecure

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys Read More »

Crypto-stealing iOS, Android malware found on App Store, Google Play

Android, App store, Cryptocurrency, Don't miss, ESET, Google Play, Hot stuff, iOS, Kaspersky, Malware, News /

Crypto-stealing iOS, Android malware found on App Store, Google Play 2025-02-05 at 13:25 By Zeljka Zorz A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate cryptowallets’ seed recovery phrases, Kaspersky researchers have found. “The infected apps in Google Play

Crypto-stealing iOS, Android malware found on App Store, Google Play Read More »

22 New Mac Malware Families Seen in 2024

macOS malware, Malware, Malware & Threats /

22 New Mac Malware Families Seen in 2024 2025-02-04 at 19:03 By Eduard Kovacs Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware.  The post 22 New Mac Malware Families Seen in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

22 New Mac Malware Families Seen in 2024 Read More »

Scroll to Top