Schneier on Security

JANUARY 30, 2025

There are thousands of fake Reddit and WeTransfer webpages that are pushing malware. They exploit people who are using search engines to search sites like Reddit. Unsuspecting victims clicking on the link are taken to a fake WeTransfer site that mimicks the interface of the popular file-sharing service. ” Boingboing post.

Malware 235

Malware Engineering 235

Krebs on Security

MAY 28, 2025

Authorities in Pakistan have arrested 21 individuals accused of operating “ Heartsender ,” a once popular spam and malware dissemination service that operated for more than a decade. Some of the core developers and sellers of Heartsender posing at a work outing in 2021.

Malware 208

Malware Cybercrime Antivirus Scams 208

Security Affairs

APRIL 26, 2025

Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma’s Computer Crimes Act. The man is accused of having installed the malware on the hospital computers on August 6, 2024. . Anthony Hospital. ” reads the hospital’s statement. ” St.

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

JANUARY 16, 2025

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware.

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

APRIL 16, 2025

Attackers infiltrated the supply chain, embedding malware in pre-installed apps. The experts found malware-laced applications pre-installed on the phone. The malware injected via LSPatch into ~40 legitimate-looking apps, including messengers and QR scanners, is dubbed dubbed Shibai. ” continues the report.

Malware 130

Malware Manufacturing Mobile Spyware 130

Security Affairs

MARCH 30, 2025

Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE.

Malware 123

Malware Authentication Encryption Cybersecurity 123

Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” continues the alert.

Malware 118

Malware Scams Identity Theft Antivirus 118

Schneier on Security

MARCH 14, 2025

There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically.

Manufacturing 290

Manufacturing Healthcare Malware Internet 290

Security Affairs

JULY 6, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 10 Things I Hate About Attribution: RomCom vs. TransferLoader macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware Warning Against Distribution of Malware Disguised as Research (..)

Malware 100

Malware Hacking Data breaches Cybercrime 100

Malwarebytes

NOVEMBER 15, 2024

Physical letters that contain a QR code to trick people into downloading malware are being sent through the mail, according to a warning issued by The Swiss National Cyber Security Centre (NCSC). Use anti-malware protection on your devices Your mobile devices are in need of protection just as much as your computer.

Malware 132

Malware Banking Mobile Software 132

Malwarebytes

MARCH 17, 2025

Instead of converting files, the tools actually load malware onto victims computers. The FBI warned specifically about that malware leading to ransomware attacks, but we’ve also seen similar sites that install browser hijackers, adware, and potentially unwanted programs (PUPs). This is the actual malware.

Malware 135

Malware Adware Education Phishing 135

The Hacker News

JUNE 11, 2025

INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing malware variants.

Malware 131

Malware 131

The Last Watchdog

JANUARY 7, 2025

Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist , a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. Evasion: AI-generated threats mimic human behavior, complicating detection for security teams.

Threat Detection 130

Threat Detection Engineering Malware Artificial Intelligence 130

Krebs on Security

MARCH 14, 2025

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. This particular scam usually starts with a website popup that looks something like this: This malware attack pretends to be a CAPTCHA intended to separate humans from bots.

Phishing 297

Phishing Scams Malware Passwords 297

eSecurity Planet

MAY 11, 2025

Technical support consultant using programming to upgrade artificial intelligence simulation model As AI tools boom in popularity, cyberthieves are exploiting the excitement with fake AI video editing platforms that lure users into downloading malware. The Noodlophile Stealer is a new malware strain. Credit: Morphisec Whos behind it?

Malware 104

Malware Scams Media Artificial Intelligence 104

The Hacker News

MAY 23, 2025

The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. The ClickFix technique is particularly risky because it allows the malware to execute in memory rather than being written to disk," Expel said in a report shared with The Hacker News.

Malware 126

Malware Social Engineering Engineering 126

Security Affairs

MAY 20, 2025

In April, SK Telecom reported that threat actors gained access to USIM-related information for customers following a malware attack. On May 8, 2025, the Personal Information Protection Committee found that malware compromised 25 types of data in the SK Telecom breach. SKT was instructed to notify all 25.64

Malware 108

Malware Mobile Data breaches Wireless 108

Security Affairs

JUNE 24, 2025

Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent.

Malware 89

Malware Encryption Phishing Government 89

Penetration Testing

JUNE 22, 2025

The post NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls appeared first on Daily CyberSecurity.

Firewall 113

Firewall Malware Cybersecurity 113

Security Affairs

JULY 5, 2025

North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors. Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram. Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram.

Malware 107

Malware Encryption Social Engineering Phishing 107

Security Affairs

MAY 28, 2025

The malware includes tools for password theft and stealthy access.” ” The malware is designed for password theft and stealthy access, aiming to steal credentials, crypto wallets, and sell system access for financial gain. . This build-your-own-malware approach makes these attacks more efficient, stealthy, and adaptable.

Antivirus 121

Antivirus Malware Banking Passwords 121

Tech Republic Security

MAY 13, 2025

By downloading what they believe is an AI-generated video, victims have installed malware that can steal their data or offer attackers remote access to infected devices.

Malware 123

Malware Artificial Intelligence Social Engineering Engineering 123

The Hacker News

JUNE 19, 2025

The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them into installing malware on their Apple macOS devices.

Malware 107

Malware Scams Cryptocurrency 107

Penetration Testing

MAY 26, 2025

A deceptively crafted fake Google Meet page has surfaced on compromised WordPress sites, tricking unsuspecting visitors into manually The post Fake Google Meet Page Tricks Users into Running Malware appeared first on Daily CyberSecurity.

Malware 115

Malware Cybersecurity Social Engineering Engineering 115

Penetration Testing

MAY 29, 2025

As artificial intelligence continues to revolutionize industries, cybercriminals are exploiting the growing demand for AI-driven tools by embedding The post Warning: Fake AI Tools Spread CyberLock Ransomware and Numero Destructive Malware appeared first on Daily CyberSecurity.

Artificial Intelligence 122

Artificial Intelligence Malware Ransomware Cybersecurity 122

Schneier on Security

DECEMBER 6, 2024

The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. This tool seems to do a pretty good job.

Spyware 348

Spyware Mobile Malware 348

SecureList

JUNE 11, 2025

We previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. For instance, we have recently discovered a new malicious campaign distributing previously unknown malware through a fake DeepSeek-R1 LLM environment installer. exe is the launcher for the next-stage malware. <>O.<0>__Run)

Malware 100

Malware Phishing Encryption Engineering 100

SecureList

MAY 28, 2025

Once these permissions are granted, the malware gains extensive capabilities that allow its operators to steal the user’s banking data and credentials, as well as perform remote actions and control the device without the user’s knowledge. Join us in this blogpost as we take a closer look at the malware’s evolution over time.

Banking 101

Banking Malware Encryption Energy and Utilities 101

eSecurity Planet

JUNE 16, 2025

These malicious destinations can lead to a variety of unwanted outcomes, including malware downloads, exploits, malvertising, and traffic monetization schemes. The post Massive JSFireTruck Malware Campaign Infects Over 269,000 Websites appeared first on eSecurity Planet. or AOL, the JSFireTruck redirects the victim to harmful URLs.

Malware 99

Malware Engineering Cybersecurity 99

Penetration Testing

JUNE 10, 2025

A Insyde H2O UEFI flaw (CVE-2025-4275) allows Secure Boot bypass via NVRAM, enabling attackers to inject undetectable malware and rootkits. Update firmware now!

Firmware 119

Firmware Malware Cybersecurity 119

The Hacker News

JULY 7, 2025

Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader).

Malware 110

Malware Engineering Software Cybersecurity 110

The Hacker News

MAY 25, 2025

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 The campaign, first detected by Rapid7 in February 2025, involves the use of a multi-stage, memory-resident loader called Catena.

Malware 117

Malware VPN Software Cybersecurity 117

Penetration Testing

JUNE 5, 2025

Cisco Talos reveals "PathWiper," a new destructive malware used in a highly confident Russia-nexus APT attack against Ukrainian critical infrastructure.

Malware 106

Malware 106

The Hacker News

JUNE 18, 2025

A new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost Network. The malware was

Malware 100

Malware 100

The Hacker News

MAY 23, 2025

Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization.

Cybercrime 106

Cybercrime Malware 106

The Hacker News

MAY 7, 2025

The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures.

Social Engineering 112

Social Engineering Malware Engineering 112

The Hacker News

JULY 10, 2025

Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software. ZuRu malware

Malware 94

Malware Software Cybersecurity 94