Security News
Microsoft on Thursday said it’s once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. “The observed threat actor...
Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised package is the prepackaged standalone modified version of the original game and not a mod installed via Steam Workshop.
Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised package is the prepackaged standalone modified version of the original game and not a mod installed via Steam Workshop.
Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware. Microsoft says the threat actors use both malicious advertisements for popular software and Microsoft Teams phishing messages to push signed malicious MSIX application packages.
Ukraine's Computer Emergency Response Team is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour. The links redirect victims to malicious web resources that employ JavaScript to drop a Windows shortcut file that launches PowerShell commands to trigger an infection chain for a new Python malware downloader called 'MASEPIE.'.
A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms....
A previously unknown Android backdoor named 'Xamalicious' has infected approximately 338,300 devices via malicious apps on Google Play, Android's official app store. Even though the apps have since been removed from Google Play, users who installed them since mid-2020 might still carry active Xamalicious infections on their phones, requiring manual scans and cleanup.
A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices. Dubbed Xamalicious by the McAfee Mobile Research Team, the...
The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify...
Cybersecurity company ESET released its H2 2023 threat report, and we're highlighting three particularly interesting topics in it: the abuse of the ChatGPT name by cybercriminals, the rise of the Lumma Stealer malware and the Android SpinOk SDK spyware. In the second half of 2023, ESET has blocked 650,000 attempts to access malicious domains whose names include "Chatgpt" or similar string in an apparent reference to the ChatGPT chatbot.