Malware

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid

2026-01-26 at 10:55, by Ionut Arghire. 10 years after disrupting the Ukrainian power grid, the APT targeted Poland with data-wiping malware. Source: SecurityWeek.

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

2026-01-21 at 15:23, by Ionut Arghire. The hackers trick victims into accessing GitHub or GitLab repositories that are opened using Visual Studio Code. Source: SecurityWeek.

Linux users targeted by crypto thieves via hijacked apps on Snap Store

2026-01-21 at 12:17, by Zeljka Zorz. Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical developer Alan Pope warned. SnapScope web app identifies malicious snaps (Source:

APT-Grade PDFSider Malware Used by Ransomware Groups

2026-01-20 at 14:24, by Ionut Arghire. Providing cyberespionage and remote code execution capabilities, the malware is executed via DLL sideloading. Source: SecurityWeek.

‘SolyxImmortal’ Information Stealer Emerges

2026-01-19 at 17:21, by Ionut Arghire. The information stealer abuses legitimate APIs and libraries to exfiltrate data to Discord webhooks. Source: SecurityWeek.

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects

2026-01-13 at 20:08, by Ionut Arghire. The botnet’s propagation is fueled by the AI-generated server deployments that use weak credentials, and legacy web stacks. Source: SecurityWeek.

Fake Booking.com emails and BSODs used to infect hospitality staff

2026-01-07 at 13:06, by Zeljka Zorz. Suspected Russian attackers are targeting the hospitality sector with fake Booking.com emails and a fake “Blue Screen of Death” to deliver the DCRat malware. The malware delivery campaign starts with phishing emails that feature room charge details in euros,

Dozens of Major Data Breaches Linked to Single Threat Actor

2026-01-06 at 14:32, by Ionut Arghire. The initial access broker (IAB) relies on credentials exfiltrated using information stealers to hack organizations. Source: SecurityWeek.

Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit

2025-12-30 at 12:25, by Ionut Arghire. The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor. Source: SecurityWeek.

Infostealer Malware Delivered in EmEditor Supply Chain Attack

2025-12-29 at 13:40, by Eduard Kovacs. The ‘download’ button on the official EmEditor website served a malicious installer. Source: SecurityWeek.

Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits

2025-12-23 at 14:47, by Zeljka Zorz. Malware peddlers are targeting infosec enthusiasts, budding security professionals, and aspiring hackers with the Webrat malware, masquerading the threat as proof-of-concept (PoC) exploits for known vulnerabilities. Delivering the malware: The recently uncovered Webrat can steal data from

NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data

2025-12-23 at 13:16, by Ionut Arghire. The package provides legitimate functionality to evade detection, while stealing users’ data and deploying a backdoor. Source: SecurityWeek.

54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware

2025-12-22 at 16:14, by Eduard Kovacs. The suspects are leaders and members of the Venezuelan crime syndicate Tren de Aragua. Source: SecurityWeek.

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns

2025-12-19 at 14:43, by rohansinhacyblecom. Executive Summary: CRIL (Cyble Research and Intelligence Labs) has been tracking a sophisticated commodity loader utilized by multiple high-capability threat actors. The campaign demonstrates a high degree of regional and sectoral specificity, primarily targeting Manufacturing and Government organizations across

Group Policy abuse reveals China-aligned espionage group targeting governments

2025-12-18 at 13:42, by Anamarija Pogorelec. ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, tracked as LongNosedGoblin, has targeted government institutions in Southeast Asia and Japan with

France Probes ‘Foreign Interference’ After Remote Control Malware Found on Passenger Ferry

2025-12-18 at 13:42, by Associated Press. France’s counterespionage agency is investigating a suspected cyberattack plot targeting an international passenger ferry. Source: SecurityWeek.

GhostPoster Firefox Extensions Hide Malware in Icons

2025-12-17 at 12:47, by Ionut Arghire. The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA. Source: SecurityWeek.

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery

2025-12-15 at 16:01, by Eduard Kovacs. Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors. Source: SecurityWeek.

Wide Range of Malware Delivered in React2Shell Attacks

2025-12-11 at 14:54, by Eduard Kovacs. Cybersecurity companies have been seeing a wide range of malware being delivered in attacks exploiting the critical React vulnerability dubbed React2Shell. A researcher discovered recently that React, the popular open source library for creating application user interfaces, is affected by a

V3G4 Botnet Evolves: From DDoS to Covert Cryptomining

2025-12-10 at 08:53, by rohansinhacyblecom. Executive Summary: Cyble Research & Intelligence Labs (CRIL) has identified an active Linux-targeting campaign that deploys a Mirai-derived botnet, paired with a stealthy, fileless-configured cryptominer. The threat actor employs a multi-stage infection chain starting with a downloader that delivers architecture-specific V3G4 binaries
