A cybercriminal group known as TA558 has orchestrated a vast phishing campaign aimed at a wide array of industries across Latin America, with the intent of disseminating the malicious software Venom RAT. The primary...
Cybersecurity specialists have unearthed a new variant of the Android Trojan, code-named Vultur, endowed with sophisticated remote control capabilities and mechanisms for circumventing protection. The company ThreatFabric reported the first version of this malicious...
Specialists at Kaspersky Lab have identified a Linux version of the multi-platform backdoor DinodasRAT (XDealer), targeting China, Taiwan, Turkey, and Uzbekistan. This Remote Access Trojan, crafted in C++, is adept at extracting a broad...
CyberArk specialists report that malefactors are mastering new methodologies to access users’ data without the necessity for passwords or multifactor authentication requests. A prevalent technique involves intercepting web sessions through the theft of cookie...
Specialists at ReversingLabs have uncovered a suspicious package within the NuGet package manager, ostensibly targeting developers who utilize tools from the Chinese company Bozhon Precision Industry Technology, which specializes in the production of industrial...
Black Lotus Labs has identified a new variant of the TheMoon malware, targeting SOHO offices and IoT devices across 88 countries, which has already infected nearly 7,000 ASUS routers. TheMoon is associated with the...
Twenty-eight free VPN applications on Google Play were found to employ a malicious SDK, transforming Android devices into residential proxies, likely utilized for cybercrimes and bot operations. The team at HUMAN discovered that these...
The popular service Top.gg, aiding users in finding servers and bots for Discord, suffered from a supply chain attack. Malefactors injected malicious code into Python packages used by bot developers, evidently aiming to steal...
Over the last six months, tens of thousands of web resources have fallen victim to a large-scale campaign deploying the previously unknown malicious program Sign1. Perpetrators have been embedding this malware into WordPress sites,...
The cybercrime collective known as UNC4210 orchestrated an assault on the digital infrastructure of a European non-governmental organization, deploying the malign software TinyTurla-NG to establish a backdoor. This cyberattack was meticulously documented in a...
In a recent report by Unit 42 researchers from Palo Alto Networks, a new series of phishing attacks aimed at disseminating malicious software named StrelaStealer has been identified. This threat has impacted over 100...
The Israeli cybersecurity firm Perception Point has unveiled details of a new phishing campaign targeting American organizations. The operation, code-named PhantomBlu, aims to infiltrate systems with the NetSupport RAT, a malicious version of the...
Security researchers at SentinelLabs have uncovered a new variant of the wiper, AcidRain, meticulously engineered for assaults on Linux x86 devices. Dubbed AcidPour, this malicious entity manifests as a binary ELF file, tailored for...
Netskope Threat Labs has uncovered a new campaign leveraging Google Sites phishing pages to disseminate the info-stealer AZORult. This phishing endeavor is not yet attributed to any specific malefactor or group; it aims to...
The cybersecurity firm Securonix has uncovered a new campaign in which hackers employ sophisticated techniques to infiltrate Windows computers and exfiltrate confidential data. Named DEEP#GOSU, the campaign is believed to be linked to the...
IBM X-Force reports a series of phishing campaigns by ITG05, involving the distribution of counterfeit documents purporting to be from governmental and non-governmental organizations across Europe, the Caucasus, Central Asia, and both North and...
