Security News

Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique
2025-05-23 17:24

The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. "The ClickFix technique is particularly...

TikTok videos + ClickFix tactic = Malware infection
2025-05-23 12:37

Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting...

TikTok videos now push infostealer malware in ClickFix attacks
2025-05-23 09:50

Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks. [...]

Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation
2025-04-03 03:58

In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). "A total of 1.8 million...

List of Old NSA Training Videos
2024-09-03 16:03

The NSA’s “National Cryptographic School Television Catalogue” from 1991 lists about 600 COMSEC and SIGINT training videos. There are a bunch explaining the operations of various cryptographic...

New Research in Detecting AI-Generated Videos
2024-07-29 11:02

The new tool the research project is unleashing on deepfakes, called "MISLnet", evolved from years of data derived from detecting fake images and video with tools that spot changes made to digital video or images. These may include the addition or movement of pixels between frames, manipulation of the speed of the clip, or the removal of frames.

Telegram App Flaw Exploited to Spread Malware Hidden in Videos
2024-07-24 11:59

A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos. The exploit appeared for sale...

Vulnerability in Telegram app for Android allows sending malicious files disguised as videos
2024-07-23 09:04

Using the exploit to abuse a vulnerability that ESET named "EvilVideo," attackers could share malicious Android payloads via Telegram channels, groups, and chats, and make them appear to be multimedia files. "We found the exploit being advertised for sale on an underground forum. In the post, the seller shows screenshots and a video of testing the exploit in a public Telegram channel. We were able to identify the channel in question, with the exploit still available. That allowed us to get our hands on the payload and test it ourselves," explains ESET researcher Lukáš Štefanko, who discovered the Telegram exploit.

Telegram zero-day allowed sending malicious Android APKs as videos
2024-07-22 14:41

A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files. A threat actor named 'Ancryno' first began selling the Telegram zero-day exploit on June 6, 2024, in a post on the Russian-speaking XSS hacking forum, stating the flaw existed in Telegram v10.14.4 and older.

YouTube tests harder-to-block server-side ad injection in videos
2024-06-13 14:42

YouTube reportedly now injects ads directly into video streams to make it more difficult for ad blockers to block advertisements. Currently, YouTube performs client-side ad injection, where JavaScript scripts and the video player on a user's device load and display ads.