Articles tagged: malware
16 articles found
North Korea's APT37 Uses Facebook for Malware Delivery
APT37, a North Korean hacking group, has been attributed to a social engineering campaign using Facebook to deliver RokRAT malware. This campaign highlights the evolving tactics of nation-state actors in cyber espionage. Readers should understand the threat and take action to protect themselves.
Supply Chain Under Siege
Recent supply chain attacks have compromised CPUID's API, exposed Eurail customer data, and stolen millions from Bitcoin Depot. Learn about these high-severity breaches and how to protect yourself.
Zero-Day Exploits Hit Adobe Reader & WordPress
Critical zero-day vulnerabilities in Adobe Reader and WordPress are being actively exploited, posing significant risks to users and organizations. These exploits require immediate attention to prevent malicious attacks.
Critical Infrastructure Under Siege
Vulnerabilities in critical infrastructure pose significant risks, with ShareFile flaws and Hitachi Energy's Ellipse product under attack. Emerging threats like CrystalRAT malware and Casbaneiro bank trojan also threaten security. Learn about the key threats and how to protect yourself.
Zero-Day Exploits Hit TrueConf Servers and Banking Systems
Hackers exploit zero-day vulnerability in TrueConf conference servers to push malicious updates, while a phishing campaign targets Latin America and Europe with Windows banking trojans like Casbaneiro. These attacks highlight the ongoing threat of zero-day exploits and social engineering.
Claude Code Leak Sparks Malware Fears
The recent Claude Code source code leak has led to the exploitation of a critical vulnerability, allowing threat actors to deliver Vidar information-stealing malware via fake GitHub repositories. This poses significant risks to users and highlights the importance of swift security reviews and patches.
New Malware Threats Emerge
A surge in new malware threats has been detected, including CrystalRAT, AGEWHEEZE, and AtlasCross RAT. These threats pose a significant risk to individuals and organizations, with capabilities such as remote access, data theft, and keylogging.
DeepLoad Malware Spreads with ClickFix
A new malware loader called DeepLoad has been discovered, using the ClickFix social engineering tactic to distribute itself and steal browser credentials. This high-severity threat utilizes AI-assisted obfuscation and WMI persistence, making it a significant concern for security professionals.
GitHub Malware Alert
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts, tricking users into downloading malware. This poses a significant risk to developer systems and projects, emphasizing the need for caution when interacting with VS Code alerts.
Telnyx PyPI Package Hacked
The Telnyx package on Python Package Index was compromised with malware, highlighting supply chain attack risks. Learn how to protect your systems and verify package integrity.
Malware Campaigns Target Crypto & Browser Data
Active malware and ransomware campaigns are targeting cryptocurrency and browser data, with threats like GlassWorm using Solana dead drops. Learn about the latest attacks and how to protect yourself.
Cybercrime and Law Enforcement Under Spotlight
The Cyber National Mission Force is getting a new commander amid broader leadership turnover. Meanwhile, Poland foiled a cyberattack on a nuclear center that may have originated from Iran, and US law enforcement agencies disrupted the SocksEscort cybercrime proxy network powered by Linux malware.
Google Looker Studio Vulnerabilities Exposed
High-severity vulnerabilities in Google Looker Studio and malicious Chrome extensions pose significant threats, while evolving malware and new security platforms highlight the cat-and-mouse game in cybersecurity. Learn about the latest developments and how to protect yourself.
Nation-State Actors Unleash New Malware Campaigns
Nation-state actors are launching sophisticated malware campaigns, including the ClickFix social engineering campaign and attacks on Iraqi officials. These threats highlight the evolving landscape of cyberattacks and the need for heightened security measures.
AI-Driven Threats Intensify Nation-State Attacks
Nation-state actors are leveraging AI-powered tools to launch sophisticated cyberattacks, targeting governments and organizations worldwide. Recent campaigns by Transparent Tribe and Iranian APT hackers demonstrate the growing threat of AI-driven attacks. Stay informed on the latest threats and learn how to protect your organization.
Ongoing Cyberattacks and Data Breaches
Multiple high-severity cyberattacks and data breaches are ongoing, including North Korean hackers deploying new malware to breach air-gapped networks and compromises of medical device manufacturer UFP Technologies and Sangoma FreePBX instances. These attacks highlight the need for vigilance in cybersecurity.