Krebs on Security

MAY 22, 2025

government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot , a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. DanaBot’s features, as promoted on its support site. DanaBot’s features, as promoted on its support site.

Malware 173

Malware Cybercrime Government Banking 173

Security Affairs

APRIL 26, 2025

Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma’s Computer Crimes Act. The man is accused of having installed the malware on the hospital computers on August 6, 2024. . Anthony Hospital. ” reads the hospital’s statement. ” St.

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

OCTOBER 22, 2024

Experts warn of a new wave of attacks involving the Bumblebee malware, months after Europol’s ‘ Operation Endgame ‘ that disrupted its operations in May. The Bumblebee malware loader has resurfaced in new attacks, four months after Europol disrupted it during “ Operation Endgame ” in May.

Malware 125

Malware Phishing Ransomware Hacking 125

Security Affairs

JANUARY 14, 2025

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation.

Malware 122

Malware Government Hacking Cybersecurity 122

Schneier on Security

MARCH 14, 2025

There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically.

Manufacturing 297

Manufacturing Healthcare Malware Internet 297

Security Affairs

JANUARY 16, 2025

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware.

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

APRIL 16, 2025

Attackers infiltrated the supply chain, embedding malware in pre-installed apps. The experts found malware-laced applications pre-installed on the phone. The malware injected via LSPatch into ~40 legitimate-looking apps, including messengers and QR scanners, is dubbed dubbed Shibai. ” continues the report.

Malware 129

Malware Manufacturing Mobile Spyware 129

Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” continues the alert.

Malware 117

Malware Scams Identity Theft Antivirus 117

Security Affairs

MARCH 30, 2025

Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE.

Malware 122

Malware Authentication Encryption Cybersecurity 122

Malwarebytes

OCTOBER 31, 2024

Last time FakeCall reared its head, BleepingComputer reported that the malware was being distributed as fake banking apps that impersonate large financial institutions, as well as being distributed in phishing emails. The FakeCall malware abuses this trust by hijacking the user’s call to a financial institution.

Banking 145

Banking Malware Phishing Risk 145

Security Affairs

JANUARY 24, 2025

It activates upon detecting a “magic packet” with predefined parameters, enabling attackers to establish a reverse shell, control devices, steal data, or deploy malware. The J-magic campaign is notable for targeting JunoOS, a FreeBSD-based operating system that threat actors rarely target in malware attacks.

Malware 122

Malware VPN Encryption Hacking 122

Malwarebytes

NOVEMBER 15, 2024

Physical letters that contain a QR code to trick people into downloading malware are being sent through the mail, according to a warning issued by The Swiss National Cyber Security Centre (NCSC). Use anti-malware protection on your devices Your mobile devices are in need of protection just as much as your computer.

Malware 137

Malware Banking Mobile Software 137

eSecurity Planet

OCTOBER 22, 2024

These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. You are then guided to execute PowerShell code designed to “fix” the supposed problem, unwittingly allowing malware to infiltrate their systems.

Scams 123

Scams Malware Phishing Social Engineering 123

eSecurity Planet

MAY 11, 2025

Technical support consultant using programming to upgrade artificial intelligence simulation model As AI tools boom in popularity, cyberthieves are exploiting the excitement with fake AI video editing platforms that lure users into downloading malware. The Noodlophile Stealer is a new malware strain. Credit: Morphisec Whos behind it?

Malware 106

Malware Scams Media Artificial Intelligence 106

Security Affairs

MAY 20, 2025

In April, SK Telecom reported that threat actors gained access to USIM-related information for customers following a malware attack. On May 8, 2025, the Personal Information Protection Committee found that malware compromised 25 types of data in the SK Telecom breach. SKT was instructed to notify all 25.64

Malware 107

Malware Mobile Data breaches Wireless 107

Tech Republic Security

MAY 13, 2025

By downloading what they believe is an AI-generated video, victims have installed malware that can steal their data or offer attackers remote access to infected devices.

Malware 133

Malware Artificial Intelligence Social Engineering Engineering 133

The Hacker News

MAY 7, 2025

The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures.

Social Engineering 132

Social Engineering Malware Engineering 132

Malwarebytes

MARCH 17, 2025

Instead of converting files, the tools actually load malware onto victims computers. The FBI warned specifically about that malware leading to ransomware attacks, but we’ve also seen similar sites that install browser hijackers, adware, and potentially unwanted programs (PUPs). This is the actual malware.

Malware 139

Malware Adware Education Phishing 139

Security Affairs

MAY 18, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A.NET-Based Info-Stealer Interlock ransomware evolving under the radar Technical Analysis of TransferLoader Sophisticated NPM Attack Leveraging Unicode Steganography and Google Calendar C2 Horabot Unleashed: (..)

Malware 105

Malware Encryption Phishing Hacking 105

SecureList

MARCH 3, 2025

million attacks involving malware, adware or unwanted mobile software were prevented. million malware, adware or unwanted software attacks targeting mobile devices. Some time later, the user received a phishing link to download malware disguised as a shipment tracking app. A total of 1.1 A total of 1.1

Mobile 115

Mobile Malware Adware Banking 115

The Last Watchdog

JANUARY 7, 2025

Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist , a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. Evasion: AI-generated threats mimic human behavior, complicating detection for security teams.

Threat Detection 130

Threat Detection Engineering Malware Artificial Intelligence 130

Penetration Testing

MAY 14, 2025

Malware authors have begun exploiting Google Calendar invites and Unicode Private Use Area (PUA) characters to deliver obfuscated The post Obfuscated Malware Delivered via Google Calendar Invites and Unicode PUAs appeared first on Daily CyberSecurity.

Malware 103

Malware Cybersecurity 103

Security Affairs

APRIL 25, 2025

Researchers identified a new malware, named DslogdRAT, deployed after exploiting a now-patched flaw in Ivanti Connect Secure (ICS). JPCERT/CC researchers reported that a new malware, dubbed DslogdRAT, and a web shell were deployed by exploiting a zero-day vulnerability during attacks on Japanese organizations in December 2024.

Malware 94

Malware Hacking Authentication Cybersecurity 94

Security Affairs

MAY 11, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape iClicker site hack targeted students with malware via fake CAPTCHA New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms Backdoor found in popular ecommerce components Stealthy Linux backdoor leveraging (..)

Malware 96

Malware eCommerce Hacking Ransomware 96

Penetration Testing

MAY 13, 2025

The Seqrite Labs APT-Team has uncovered a complex cyber-espionage operation dubbed Swan Vector, targeting educational institutions and the The post Swan Vector Espionage Targets Japan & Taiwan with Advanced Malware appeared first on Daily CyberSecurity.

Malware 109

Malware Education Cybersecurity 109

Penetration Testing

MAY 14, 2025

First spotted in 2022 and actively developed ever since, DarkCloud Stealer has reemerged with a sophisticated new variant The post DarkCloud Stealer Returns: AutoIt-Powered Malware Strikes with New Stealth Tactics appeared first on Daily CyberSecurity.

Malware 110

Malware Cybersecurity Phishing 110

Security Affairs

APRIL 21, 2025

Cleafy researchers discovered a new malware-as-a-service (MaaS) called SuperCard X targeting Android devices with NFC relay attacks for fraudulent cash-outs. Analysis of the SuperCard X campaign in Italy revealed custom malware builds tailored for regional use.

Malware 107

Malware Social Engineering Banking Engineering 107

Krebs on Security

MARCH 14, 2025

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. This particular scam usually starts with a website popup that looks something like this: This malware attack pretends to be a CAPTCHA intended to separate humans from bots.

Phishing 283

Phishing Malware Scams Passwords 283

The Hacker News

MAY 12, 2025

Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile.

Artificial Intelligence 132

Artificial Intelligence Malware Advertising Media 132

Security Affairs

APRIL 21, 2025

Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. The phishing emails either led to malware delivery via GRAPELOADER or redirected to the Ministry’s real website to appear legitimate. The malware is highly targeted and leaves no traces of the next-stage payload.

Malware 107

Malware Phishing Encryption Hacking 107

Malwarebytes

JANUARY 9, 2025

Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates.

Malware 127

Malware Small Business Artificial Intelligence VPN 127

Malwarebytes

APRIL 24, 2025

Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. The malware, which cybersecurity company Cleafy calls SuperCard X, uses a feature now found in most Android phones: near-field communication (NFC).

Malware 96

Malware Banking Software Social Engineering 96

Penetration Testing

APRIL 12, 2025

AhnLab Security intelligence Center (ASEC) has revealed a cyberattack campaign where Arabic-speaking attackers are distributing ViperSoftX malware, targeting The post ViperSoftX Malware: Arabic-Speaking Attackers Exploit PowerShell in New Cyberattack Campaign appeared first on Daily CyberSecurity.

Malware 116

Malware Security Intelligence Cybersecurity Software 116

Security Affairs

FEBRUARY 24, 2025

CYFIRMA researchers discovered that the SpyLend Android malware was downloaded 100,000 times from the official app store Google Play. CYFIRMA researchers discovered an Android malware, named SpyLend, which was distributed through Google Play as Finance Simplified.

Malware 120

Malware Marketing Hacking Mobile 120

Schneier on Security

DECEMBER 6, 2024

The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. This tool seems to do a pretty good job.

Spyware 354

Spyware Mobile Malware 354

SecureWorld News

MAY 9, 2025

Google's Threat Intelligence Group (GTIG) has identified a new malware strain, dubbed "LOSTKEYS," attributed to the Russian state-sponsored hacking group COLDRIVER. The introduction of LOSTKEYS signifies a strategic shift towards deploying malware for direct data exfiltration.

Malware 83

Malware Social Engineering Engineering Government 83

Malwarebytes

APRIL 24, 2025

ELUSIVE COMET targets its victims by luring them into a Zoom video call and then taking over their PC to install malware, infiltrate their accounts, and steal their assets. The attack is by a crime group that the Security Alliance call ELUSIVE COMET in a warning about the threat last month. He took the bait.

Malware 138

Malware Media Accountability Cryptocurrency 138