Category: Malware

GTPDOOR backdoor

New Linux Threat: GTPDOOR Backdoor Spies on Networks

Researchers have unveiled a novel menace targeting telecommunications networks: the cunning Linux-based backdoor, GTPDOOR, exploiting GPRS protocol vulnerabilities to clandestinely monitor infected devices. This malevolent software, linked to the notorious hacking collective LightBasin previously...

GitHub malicious campaign

GitHub Under Attack: 100,000+ Fake Repositories Spreading Malware

Researchers at Apiiro investigated a widespread campaign of attacks on the GitHub platform using malicious repositories. The experts identified over 100,000 counterfeit repositories, mimicking popular open-source projects to disseminate malware. The number of such...

Bifrost malware

Bifrost Trojan Targets Linux with VMware Deception

A new Linux version of the Bifrost remote access trojan has emerged, employing a suite of novel camouflage techniques. Among its primary tools is a deceptive domain, mimicking the legitimate VMware. First identified two...

malicious packages

Lazarus Group Targets Python Developers with Malicious Packages

The North Korea-supported hacker group Lazarus has uploaded four malicious packages to the Python Package Index (PyPI) repository, aiming to infect developers’ systems with malevolent software. The implicated packages—“pycryptoenv,” “pycryptoconf,” “quasarlib,” and “swapmempool”—have been...

AMOS Stealer

Warning: AMOS Stealer Variant Targets macOS

Specialists at Bitdefender have discovered a new variant of the malicious software AMOS Stealer (or Atomic Stealer), one of the most prevalent cyber threats for macOS users over the past year. According to Bitdefender...

Xeno RAT

Open-Source Malware: The Xeno RAT Threat Exposed

A new advanced Remote Access Tool (RAT) named Xeno RAT has been published on GitHub. This Trojan, crafted in the C# programming language and compatible with Windows 10 and Windows 11 operating systems, offers...

Banking Trojans Google Cloud Run

Banking Trojans Surge on Google Cloud Run

Analysts warn that hackers have increasingly exploited the Google Cloud Run service for the widespread distribution of banking trojans such as Astaroth, Mekotio, and Ousaban. Google Cloud Run enables users to deploy front-end and...