Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. The FBI urges reporting to IC3.gov.

Malware 118

Malware Scams Identity Theft Antivirus 118

The Hacker News

MAY 12, 2025

Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile.

Artificial Intelligence 135

Artificial Intelligence Malware Advertising Media 135

Malwarebytes

APRIL 14, 2025

Horn tooting time: We’re excited to say we’ve earned a coveted spot in PCMags Best Antivirus Software for 2025 list, and been recognized as the Best Malware Removal Service 2025 by CNET. Malwarebytes Premium proved highly effective in malware protection and defending against malicious and fraudulent web pages.

Antivirus 105

Antivirus Software Malware Accountability 105

Security Affairs

APRIL 16, 2025

Attackers infiltrated the supply chain, embedding malware in pre-installed apps. The experts found malware-laced applications pre-installed on the phone. The malware injected via LSPatch into ~40 legitimate-looking apps, including messengers and QR scanners, is dubbed dubbed Shibai. ” continues the report.

Malware 130

Malware Manufacturing Mobile Spyware 130

Security Affairs

OCTOBER 29, 2024

Suspected Russia-linked espionage group UNC5812 targets Ukraine’s military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812, targeting Ukraine’s military with Windows and Android malware via the Telegram channel “ Civil Defense.”

Malware 122

Malware Social Engineering Software Mobile 122

SecureList

NOVEMBER 6, 2024

It spreads via forums posts, torrent trackers and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device. GitHub payloads After that, the malware resolves the IP address behind the ankjdans[.]xyz

Software 123

Software Cryptocurrency Malware DNS 123

Schneier on Security

APRIL 22, 2024

Interesting social-engineering attack vector : McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the “C++ Library Manager for Windows, Linux, and MacOS,” known as vcpkg.

Malware 341

Malware Social Engineering Engineering Software 341

eSecurity Planet

MAY 11, 2025

Technical support consultant using programming to upgrade artificial intelligence simulation model As AI tools boom in popularity, cyberthieves are exploiting the excitement with fake AI video editing platforms that lure users into downloading malware. The Noodlophile Stealer is a new malware strain.

Malware 106

Malware Scams Media Artificial Intelligence 106

Krebs on Security

JANUARY 25, 2024

Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. And by most accounts, the threat from bad ads leading to backdoored software has subsided significantly compared to a year ago. com , filezillasoft[.]com

Software 323

Software Advertising Malware Accountability 323

SecureList

MARCH 3, 2025

million attacks involving malware, adware or unwanted mobile software were prevented. million malware, adware or unwanted software attacks targeting mobile devices. Some time later, the user received a phishing link to download malware disguised as a shipment tracking app. A total of 1.1 A total of 1.1

Mobile 116

Mobile Malware Adware Banking 116

Malwarebytes

APRIL 24, 2025

Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. All you have to do is install the software and tap your card to your phone – and criminals excel at persuading you to do just that.

Malware 102

Malware Banking Software Social Engineering 102

Schneier on Security

JANUARY 10, 2023

I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. “It’s still too early to decide whether or not ChatGPT capabilities will become the new favorite tool for participants in the Dark Web,” company researchers wrote.

Malware 66

Malware Encryption Cybercrime Passwords 66

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. MacOS computers include X-Protect , Apple’s built-in antivirus technology.

Malware 330

Malware Cryptocurrency Software Phishing 330

Troy Hunt

AUGUST 29, 2023

Today, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure.

Malware 361

Malware Passwords Password Management Antivirus 361

Penetration Testing

MAY 14, 2025

The ReversingLabs research team has uncovered yet another software supply chain attack targeting the cryptocurrency ecosystem, this time The post PyPI Malware Alert: Malicious ‘solana-token’ Package Targets Solana Developers appeared first on Daily CyberSecurity.

Malware 91

Malware Cryptocurrency Software Cybersecurity 91

Security Affairs

FEBRUARY 13, 2025

Valve removed a game from Steam because it contained malware, the company also warned affected users to reformat their operating systems. The Steam account of the developer for this game uploaded builds to Steam that contained suspected malware. ” A game called PirateFi released on Steam last week and it contained malware.

Malware 112

Malware Antivirus Accountability Software 112

Security Affairs

NOVEMBER 19, 2024

Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. BrazenBamboo is known to be the author of other malware families, including LIGHTSPY , DEEPDATA, and DEEPPOST.

VPN 120

VPN Malware Spyware Passwords 120

SecureList

APRIL 23, 2025

We have been tracking the latest attack campaign by the Lazarus group since last November, as it targeted organizations in South Korea with a sophisticated combination of a watering hole strategy and vulnerability exploitation within South Korean software. We found that the malware was running in the memory of a legitimate SyncHost.

Malware 144

Malware Software Encryption Internet 144

SecureWorld News

MAY 9, 2025

Google's Threat Intelligence Group (GTIG) has identified a new malware strain, dubbed "LOSTKEYS," attributed to the Russian state-sponsored hacking group COLDRIVER. The introduction of LOSTKEYS signifies a strategic shift towards deploying malware for direct data exfiltration.

Malware 88

Malware Social Engineering Engineering Government 88

Security Affairs

MAY 1, 2025

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6.

Malware 88

Malware Phishing Telecommunications Retail 88

SecureList

APRIL 7, 2025

Such software enjoys the trust of monitoring tools and doesn’t raise suspicions. Schematic of DLL proxying However, this is not enough to launch malware. ToddyCat created the TCESB DLL on its basis, modifying the original code to extend the malware’s functionality. EDRSandblast.a.

Software 107

Software Encryption Malware Firmware 107

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The investigation into the makers and buyers of this phishing software has not yet been completed with the seizure of the servers and domains.”

Phishing 267

Phishing Cybercrime Advertising Malware 267

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. “Antivirus software trusts signed programs more. For some types of software, a digital signature is mandatory.”

Malware 309

Malware Cybercrime Software Accountability 309

Krebs on Security

NOVEMBER 16, 2022

The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites. Rather, this group uses the phony bank domains in conjunction with malicious software that is already secretly installed on a victim’s computer.

Malware 334

Malware Banking Phishing DDOS 334

Security Affairs

DECEMBER 1, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 74

Malware Social Engineering Antivirus Engineering 74

Krebs on Security

NOVEMBER 12, 2024

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. ” McCarthy also pointed to CVE-2024-43498 , a remote code execution flaw in.NET and Visual Studio that could be used to install malware. This bug has earned a CVSS severity rating of 9.8 (10 10 is the worst).

Authentication 272

Authentication Engineering Malware Passwords 272

Security Affairs

DECEMBER 27, 2024

North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers.

Malware 90

Malware Cryptocurrency Software Hacking 90

Security Affairs

APRIL 6, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor Advancements in delivery: Scripting with (..)

Malware 79

Malware Cryptocurrency Hacking Accountability 79

SecureList

APRIL 22, 2025

ViPNet is a software suite for creating secure networks. We determined that the backdoor was distributed inside LZH archives with a structure typical of updates for the software product in question. Impersonating a ViPNet update Our investigation revealed that the backdoor targets computers connected to ViPNet networks.

Software 82

Software Encryption Architecture Malware 82

Penetration Testing

APRIL 12, 2025

AhnLab Security intelligence Center (ASEC) has revealed a cyberattack campaign where Arabic-speaking attackers are distributing ViperSoftX malware, targeting The post ViperSoftX Malware: Arabic-Speaking Attackers Exploit PowerShell in New Cyberattack Campaign appeared first on Daily CyberSecurity.

Malware 113

Malware Security Intelligence Cybersecurity Software 113

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus 113

Antivirus Malware Cybercrime Identity Theft 113

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 81

Malware Cryptocurrency Engineering Encryption 81

Security Affairs

APRIL 23, 2025

The malware steals contacts, geolocation, and file info, it can also download extra modules to exfiltrate stored data when instructed. “Alpine Quest is topographic software that allows different maps to be used both in online and offline mode. ” reads the report published by Doctor Web. Threat actors embedded Android.Spy.1292.origin

Spyware 85

Spyware Software Malware Hacking 85

Security Affairs

FEBRUARY 17, 2025

Microsoft Threat Intelligence discovered a new variant of the macOS malware XCSSET in attacks in the wild. XCSSET is a sophisticated modular macOS malware that targets users by infecting Xcode projects, it has been active since at least 2022. Microsoft observed that the malware was employed in limited attacks.

Malware 72

Malware Hacking Software 72

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software.

Identity Theft 128

Identity Theft Passwords Malware Banking 128

Security Affairs

APRIL 25, 2025

The campaign has been active since at least November 2024, Lazarus Group is targeting South Korean organizations using watering hole tactics and exploiting software vulnerabilities. The attackers used multiple hacking tools and malware, including ThreatNeedle , Agamemnon downloader, wAgent , SIGNBT, and COPPERHEDGE.

Malware 95

Malware Software Encryption Hacking 95

Security Affairs

DECEMBER 8, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 72

Malware Spyware Phishing Hacking 72