Malware

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

2026-04-22 at 13:47, by Eduard Kovacs. Researchers discovered a remote code execution vulnerability and cybercriminals are using its reputation to deliver malware. The post Google Antigravity in Crosshairs of Security Researchers, Cybercriminals appeared first on SecurityWeek.

Dozens of Malicious Crypto Apps Land in Apple App Store

2026-04-21 at 17:36, by Ionut Arghire. Masquerading as popular cryptocurrency wallets, the apps can hijack recovery phrases and private keys. The post Dozens of Malicious Crypto Apps Land in Apple App Store appeared first on SecurityWeek.

NGate NFC malware targets Android users through trojanized payment app

2026-04-21 at 12:00, by Mirko Zorz. NFC-based payment fraud is expanding geographically and operationally. A campaign active since November 2025 is targeting Android users in Brazil using a new variant of the NGate malware family, this time embedded in a trojanized version of HandyPay, a

Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug

2026-04-16 at 13:34, by Mirko Zorz. Proofpoint researchers executed a malicious payload from a threat actor known to target trucking and logistics companies in late February 2026, doing so inside a decoy environment. The environment stayed compromised for more

Mirax RAT Targeting Android Users in Europe

2026-04-15 at 16:07, by Ionut Arghire. Offered as a MaaS to a small number of affiliates, mainly Russian speakers, the RAT can turn devices into residential proxy nodes. The post Mirax RAT Targeting Android Users in Europe appeared first on SecurityWeek.

Hackers hijacked CPUID downloads, served STX RAT to victims

2026-04-13 at 16:08, by Zeljka Zorz. If you tried to download software from CPUID’s website late last week, you might have downloaded malware instead. “Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

2026-04-13 at 15:44, by Eduard Kovacs. Download links were replaced by a Russian-speaking threat actor to distribute a recently emerged malware named STX RAT. The post CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads appeared first on SecurityWeek.

ClickFix campaign delivers Mac malware via fake Apple page

2026-04-10 at 17:22, by Zeljka Zorz. Security researchers at Jamf have uncovered a new ClickFix-style attack targeting Mac users via a fake Apple-themed webpage offering instructions on how to “reclaim disk space on your Mac”. The malicious page (Source: Jamf) ClickFix for everybody ClickFix is a

To counter cookie theft, Chrome ships device-bound session credentials

2026-04-10 at 14:45, by Mirko Zorz. Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled server. Because cookies often have extended lifetimes, attackers can access accounts without passwords, then bundle and sell the stolen credentials.

Chaos malware expands from routers to Linux cloud servers

2026-04-08 at 12:47, by Mirko Zorz. Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 2026 shows the malware operating against misconfigured Linux cloud servers, a category of infrastructure the botnet had

Claude Code source leak exploited to spread malware

2026-04-03 at 14:30, by Sinisa Markovic. A source code leak involving Anthropic’s Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into downloading malware disguised as “unlocked” versions of the software. Leaked Claude Code source code used

Software supply chain hacks trigger wave of intrusions, data theft

2026-04-02 at 18:58, by Zeljka Zorz. After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply

TrueConf zero-day vulnerability exploited to target government networks

2026-04-02 at 12:02, by Sinisa Markovic. Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered. Malicious client update attack chain (Source: Check Point) Trusted update mechanism turned into attack

New DeepLoad Malware Dropped in ClickFix Attacks

2026-04-01 at 18:46, by Ionut Arghire. The malware steals credentials, installs a malicious browser extension, and can spread via USB drives. The post New DeepLoad Malware Dropped in ClickFix Attacks appeared first on SecurityWeek.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

2026-03-31 at 18:47, by Kevin Townsend. Report shows how industrialized credential theft underpins ransomware, SaaS breaches, and geopolitical attacks, shifting security focus from prevention to detecting misuse of legitimate access. The post Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks appeared first on

Apple counters ClickFix attacks with macOS Terminal warning

2026-03-31 at 16:05, by Sinisa Markovic. Apple has added a new security feature in macOS Tahoe 26.4 that warns users before they enter commands in Terminal that could cause harm. The goal is to stop ClickFix attacks, a social engineering trick that gets users to run malicious

Professional Networks Under Attack: Vietnam-Linked Actors Deploy PXA Stealer in Global Infostealer Campaign

2026-03-30 at 18:31, by rohansinhacyblecom. Executive Summary: CRIL has been actively tracking a surge in PXA Stealer activity deployed in a sophisticated, financially motivated threat campaign attributed with high confidence to a Vietnam-based cybercriminal group. The primary targets in this campaign are

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware

2026-03-27 at 15:46, by Zeljka Zorz. TeamPCP continues its supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software development kit (SDK) for the Telnyx AI Voice Agent service. According to Endor Labs researchers,

Second RedLine infostealer operator ends up in US custody

2026-03-26 at 16:23, by Sinisa Markovic. Hambardzum Minasyan, an Armenian man extradited to the United States, is accused of conspiring with others to develop and operate the RedLine infostealer malware used to steal sensitive data, including login credentials, from victims’ computers. Minasyan is charged with conspiracy
