Malware

PureLogs infostealer is stealing credentials worldwide

2026-05-19 at 16:58, by Zeljka Zorz

A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered. The attack starts with a phishing email containing a TXZ archive and using an invoice-themed lure […]

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

2026-05-19 at 16:58, by Kevin Townsend

Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based attack chains. The post Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks appeared first

New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain

2026-05-19 at 15:35, by Sinisa Markovic

A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password managers, and cryptocurrency wallets while establishing persistence for continued access, SentinelOne found.

201 arrested in INTERPOL disruption of phishing and fraud networks

2026-05-18 at 12:08, by Anamarija Pogorelec

Operation Ramz, a cybercrime initiative coordinated by INTERPOL across the MENA region, focused on disrupting phishing campaigns, malware activity, and cyber scams that caused substantial financial losses across the region. The operation resulted in the arrest of 201 individuals

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

2026-05-15 at 14:32, by Ionut Arghire

The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware

2026-05-12 at 17:34, by Kevin Townsend

CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities in development. The post Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware appeared first on SecurityWeek. This article is an

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

2026-05-08 at 11:32, by Ionut Arghire

The malware framework targets web applications and cloud environments, including AWS, Docker, Kubernetes, and more. The post ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Vendor Says Daemon Tools Supply Chain Attack Contained

2026-05-07 at 17:33, by Ionut Arghire

The software developer has identified the impacted systems, removed potentially compromised files, and validated installation packages. The post Vendor Says Daemon Tools Supply Chain Attack Contained appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Operation HumanitarianBait: An Infostealer Campaign in Disguise

2026-05-07 at 12:41, by rohansinhacyblecom

Executive Summary: Cyble Research and Intelligence Labs (CRIL) has uncovered a targeted cyberespionage campaign leveraging social engineering and trusted infrastructure to establish persistent, covert access to victim systems. The attack is delivered via phishing emails containing a malicious LNK file disguised within a

CallPhantom Android scam reached 7.3 million downloads on Google Play

2026-05-07 at 12:00, by Anamarija Pogorelec

Scams targeting Android users in India and across the Asia-Pacific region have grown around a long-standing curiosity gap: the desire to look up call records tied to a phone number. A cluster of 28 fraudulent apps on Google Play

Sophisticated Quasar Linux RAT Targets Software Developers

2026-05-06 at 13:00, by Ionut Arghire

The persistent, evasive implant provides remote access, surveillance, and credential exfiltration capabilities. The post Sophisticated Quasar Linux RAT Targets Software Developers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China

2026-05-05 at 13:21, by Sinisa Markovic

A gaming platform built for ethnic Koreans in China has been serving backdoored Windows and Android software to its users since late 2024. The platform, sqgame[.]net, hosts traditional card and board games for a community that

DigiCert breached via malicious screensaver file

2026-05-04 at 18:59, by Sinisa Markovic

A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing certificates. DigiCert is a global Certificate Authority (CA) providing digital trust services, specializing in TLS/SSL certificates, PKI management, and

DigiCert Revokes Certificates After Support Portal Hack

2026-05-04 at 16:22, by Ionut Arghire

Hackers delivered malware via a customer chat channel, infected an analyst’s system, and accessed the internal support portal. The post DigiCert Revokes Certificates After Support Portal Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

2026-05-01 at 15:18, by Ionut Arghire

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage. The post Sophisticated Deep#Door Backdoor Enables Espionage, Disruption appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Hugging Face, ClawHub Abused for Malware Distribution

2026-05-01 at 11:41, by Ionut Arghire

Threat actors are relying on social engineering to lure users into downloading files containing malicious instructions. The post Hugging Face, ClawHub Abused for Malware Distribution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

2026-04-27 at 13:55, by Ionut Arghire

The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access. The post UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware appeared first on SecurityWeek. This article is an

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions

2026-04-24 at 19:09, by Ionut Arghire

It targeted high-precision calculation software to tamper with results and packed a self-propagation mechanism. The post Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

New Mirai variants target routers and DVRs in parallel campaigns

2026-04-22 at 16:42, by Zeljka Zorz

Hidden inside newly discovered botnet malware is an unusual message from its creator: “AI.NEEDS.TO.DIE”. Dubbed “tuxnokill” by researchers at Akamai, the malware is one of two fresh Mirai botnet variants documented this month by major cybersecurity firms and, judging