Malware

New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions

New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions 2025-09-26 at 14:50 By Ionut Arghire The malware now uses a four-stage infection chain, has an additional persistence mechanism, and also targets Firefox browser data. The post New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions Read More »

Ransomware groups are multiplying, raising the stakes for defenders

Ransomware groups are multiplying, raising the stakes for defenders 2025-09-26 at 09:08 By Sinisa Markovic Ransomware activity is climbing again, with a steep increase in the number of victims and the number of groups launching attacks. A new mid-year report from Searchlight Cyber shows how quickly the threat landscape is shifting and why CISOs need

Ransomware groups are multiplying, raising the stakes for defenders Read More »

SonicWall Updates SMA 100 Appliances to Remove Overstep Malware

SonicWall Updates SMA 100 Appliances to Remove Overstep Malware 2025-09-24 at 12:17 By Ionut Arghire The software update includes additional file checks and helps users remove the known rootkit deployed in a recent campaign. The post SonicWall Updates SMA 100 Appliances to Remove Overstep Malware appeared first on SecurityWeek. This article is an excerpt from

SonicWall Updates SMA 100 Appliances to Remove Overstep Malware Read More »

Malicious GitHub pages lure MacOS users into installing Atomic infostealer

Malicious GitHub pages lure MacOS users into installing Atomic infostealer 2025-09-22 at 17:52 By Zeljka Zorz MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread

Malicious GitHub pages lure MacOS users into installing Atomic infostealer Read More »

Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions

Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions 2025-09-19 at 16:36 By Ionut Arghire Turla malware was deployed in February on select systems that Gamaredon had compromised in January. The post Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions Read More »

CISA Analyzes Malware From Ivanti EPMM Intrusions

CISA Analyzes Malware From Ivanti EPMM Intrusions 2025-09-19 at 14:30 By Ionut Arghire Hackers chained two Ivanti EPMM vulnerabilities to collect system information, dump credentials, and execute malware. The post CISA Analyzes Malware From Ivanti EPMM Intrusions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA Analyzes Malware From Ivanti EPMM Intrusions Read More »

The unseen side of malware and how to find it

The unseen side of malware and how to find it 2025-09-19 at 08:31 By Anamarija Pogorelec Security teams rely on threat reports to understand what’s out there and to keep their organizations safe. But a new report shows that these reports might only reveal part of the story. Hidden malware variants are quietly slipping past

The unseen side of malware and how to find it Read More »

Old file types, new tricks: Attackers turn everyday files into weapons

Old file types, new tricks: Attackers turn everyday files into weapons 2025-09-17 at 07:44 By Anamarija Pogorelec Attackers are finding new ways to blend in with everyday business tools, hiding their activity inside formats and processes that workers and IT teams often trust. The latest quarterly Threat Insights Report from HP Wolf Security shows how

Old file types, new tricks: Attackers turn everyday files into weapons Read More »

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers 2025-09-09 at 09:46 By Zeljka Zorz Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers. “We believe the goal of this campaign was to gain initial access to organizations for

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers Read More »

New framework aims to outsmart malware evasion tricks

New framework aims to outsmart malware evasion tricks 2025-08-29 at 10:03 By Mirko Zorz Attackers have learned how to trick machine learning malware detectors with small but clever code changes, and researchers say they may finally have an answer. In a new paper, academics from Inria and the CISPA Helmholtz Center for Information Security describe

New framework aims to outsmart malware evasion tricks Read More »

Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime

Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime 2025-08-27 at 15:46 By Kevin Townsend Competition among malware-as-a-service developers has transformed infostealers into refined, accessible tools for cybercriminals worldwide. The post Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime Read More »

PromptLock: First AI-Powered Ransomware Emerges

PromptLock: First AI-Powered Ransomware Emerges 2025-08-27 at 14:51 By Ionut Arghire Proof-of-concept ransomware uses AI models to generate attack scripts in real time. The post PromptLock: First AI-Powered Ransomware Emerges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

PromptLock: First AI-Powered Ransomware Emerges Read More »

Fake macOS help sites push Shamos infostealer via ClickFix technique

Fake macOS help sites push Shamos infostealer via ClickFix technique 2025-08-25 at 15:23 By Zeljka Zorz Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers

Fake macOS help sites push Shamos infostealer via ClickFix technique Read More »

Anatsa Android Banking Trojan Now Targeting 830 Financial Apps

Anatsa Android Banking Trojan Now Targeting 830 Financial Apps 2025-08-25 at 14:33 By Ionut Arghire The Anatsa Android banking trojan has expanded its target list to new countries and more cryptocurrency applications. The post Anatsa Android Banking Trojan Now Targeting 830 Financial Apps appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Anatsa Android Banking Trojan Now Targeting 830 Financial Apps Read More »

Microsoft Dissects PipeMagic Modular Backdoor

Microsoft Dissects PipeMagic Modular Backdoor 2025-08-19 at 17:07 By Ionut Arghire PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility. The post Microsoft Dissects PipeMagic Modular Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Dissects PipeMagic Modular Backdoor Read More »

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices 2025-08-18 at 16:12 By Zeljka Zorz Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property infringement, Morphisec researchers have warned. The campaign The emails, ostensibly sent by a law firm, are tailored to

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices Read More »

Ransomware groups shift to quadruple extortion to maximize pressure

Ransomware groups shift to quadruple extortion to maximize pressure 2025-08-05 at 07:33 By Help Net Security Threat actors are using a new quadruple extortion tactic in ransomware campaigns, while double extortion remains the most common approach, according to Akamai. Ransomware extortion tactics (Source: Akamai) The emerging trend of quadruple extortion includes using DDoS attacks to

Ransomware groups shift to quadruple extortion to maximize pressure Read More »

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack 2025-07-24 at 13:18 By Ionut Arghire SonicWall advises organizations to patch SMA 100 appliances and look for IoCs associated with Overstep malware attacks. The post SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack appeared first on SecurityWeek. This article is an

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack Read More »

Coyote Banking Trojan First to Abuse Microsoft UIA

Coyote Banking Trojan First to Abuse Microsoft UIA 2025-07-23 at 16:20 By Eduard Kovacs Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data. The post Coyote Banking Trojan First to Abuse Microsoft UIA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Coyote Banking Trojan First to Abuse Microsoft UIA Read More »

Lumma Stealer Malware Returns After Takedown Attempt

Lumma Stealer Malware Returns After Takedown Attempt 2025-07-23 at 13:03 By Eduard Kovacs The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure. The post Lumma Stealer Malware Returns After Takedown Attempt appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Lumma Stealer Malware Returns After Takedown Attempt Read More »

Scroll to Top