Security News

Microsoft spots XCSSET macOS malware variant used for crypto theft
2025-02-17 16:04

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app. [...]

⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More
2025-02-17 09:19

Welcome to this week’s Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from...

North Korea targets crypto developers via NPM supply chain attack
2025-02-13 12:00

Yet another cash grab from Kim's cronies and an intel update from Microsoft North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic...

zkLend loses $9.5M in crypto heist, asks hacker to return 90%
2025-02-12 23:08

Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. [...]

Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining
2025-02-11 20:42

These crooks have no chill A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, then hijacks their cloud accounts...

Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play
2025-02-09 09:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) CVE-2025-0411, a...

SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
2025-02-06 11:32

A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple's and Google's respective app stores to steal victims' mnemonic phrases associated with cryptocurrency...

Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
2025-02-05 14:55

The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting...

Crypto-stealing iOS, Android malware found on App Store, Google Play
2025-02-05 11:09

A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate cryptowallets’ seed recovery phrases, Kaspersky...

Crypto-stealing apps found in Apple App Store for the first time
2025-02-04 20:16

A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]