Security News

Cybercriminals pose as "helpful" Stack Overflow users to push malware
2024-05-29 23:22

Cybercriminals are abusing Stack Overflow in an interesting approach to spreading malware-answering users' questions by promoting a malicious PyPi package that installs Windows information-stealing malware. Sonatype researcher Ax Sharma discovered this new PyPi package is part of a previously known 'Cool package' campaign, named after a string in the package's metadata, that targeted Windows users last year.

Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets
2024-05-27 06:31

The Pakistan-nexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware written in Python,...

Beware: These Fake Antivirus Sites Spreading Android and Windows Malware
2024-05-24 12:50

Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing...

JAVS Courtroom Recording Software Backdoored - Deploys RustDoor Malware
2024-05-24 09:48

Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that's associated with a known...

Stealthy BLOODALCHEMY Malware Targeting ASEAN Government Networks
2024-05-24 09:13

Cybersecurity researchers have discovered that the malware known as BLOODALCHEMY used in attacks targeting government organizations in Southern and Southeastern Asia is in fact an updated version...

IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries
2024-05-23 18:34

A new report from IBM X-Force exposes changes in the Grandoreiro malware landscape. The banking trojan is now capable of targeting more than 1,500 global banks in more than 60 countries, and it has been updated with new features.

Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users
2024-05-21 14:19

A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. "The VBScript and PowerShell...

SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure
2024-05-21 13:07

The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from...

Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal
2024-05-20 12:20

Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm....

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail
2024-05-20 09:26

A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar,...