#malware
#malware

JavaScript

Supply chain attack compromises npm packages to spread backdoor malware

Privacy professionals

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

fromIT Pro

2 days ago

Privacy professionals

Malicious URLs overtake email attachments as the biggest malware threat

fromCSO Online

JavaScript

Supply chain attack compromises npm packages to spread backdoor malware

Privacy professionals

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

Solana malware targeting Russian crypto developers

Malware targeting Russian cryptocurrency developers has been discovered, potentially linked to state-sponsored activities.

Privacy professionals

5 days ago

Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

A Chinese-speaking APT actor, UAT-7237, targets web infrastructure in Taiwan using customized open-source tools for prolonged access.

#ransomware

5 days ago

Information security

Ransomware crews don't care about your EDR

fromTechzine Global

Information security

Ransomware group targets SharePoint zero-day

5 days ago

Information security

Ransomware crews don't care about your EDR

fromTechzine Global

Information security

Ransomware group targets SharePoint zero-day

more#ransomware

Adult sites are stashing exploit code inside racy .svg files

JavaScript Trojan exploits users' Facebook accounts to like posts without consent.

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

60 malicious RubyGems packages target unsuspecting users, posing as automation tools to steal credentials.

fromTechzine Global

Malicious NPM packages deceive WhatsApp developers

Two malicious NPM packages masquerade as WhatsApp development tools but contain destructive code that deletes files.

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

SocGholish malware utilizes Traffic Distribution Systems to redirect users to malicious content and has a Malware-as-a-Service model for cybercriminal operations.

Python

Webinar: How to Stop Python Supply Chain Attacks-and the Expert Tools You Need

Python packages harbor risks due to rising supply chain attacks, notably through various exploitation techniques like typo-squatting and repo-jacking.

Privacy professionals

fromWIRED

A Single Poisoned Document Could Leak 'Secret' Data Via ChatGPT

Generative AI models can be configured to access personal data sources, posing serious security risks and vulnerabilities to sensitive information.

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

VexTrio Viper develops malicious apps disguised as useful applications on official app stores.

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

"Like a real-world virus variant, this new 'ClickFix' strain quickly outpaced and ultimately wiped out the infamous fake browser update scam that plagued the web just last year."

Privacy professionals

fromBoston.com

Emergency communications on South Shore targeted by cyber attack

The South Shore Regional Emergency Communications Center was targeted in a cyber attack, rendering its dispatch software unusable but not disrupting 911 services.

#npm

Privacy technologies

Supply-chain attacks on open source software are getting out of hand

JavaScript

npm phishing attack laces popular packages with malware

fromTechRadar

JavaScript

More popular npm packages hijacked to spread malware

Privacy technologies

Supply-chain attacks on open source software are getting out of hand

JavaScript

npm phishing attack laces popular packages with malware

fromTechRadar

JavaScript

More popular npm packages hijacked to spread malware

more#npm

Toptal caught serving malware after GitHub compromise

Toptal's systems were compromised, distributing malware through developer accounts affecting around 5,000 users.

#cyber-espionage

Privacy professionals

Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor

Privacy professionals

UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns

Privacy professionals

Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor

Privacy professionals

UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns

Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

Two malware campaigns, Soco404 and Koske, exploit cloud vulnerabilities to deliver cryptocurrency miners.

#coyote-trojan

Privacy professionals

Coyote malware abuses Microsoft UIA to hunt banking creds

Privacy professionals

New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials

Privacy professionals

Coyote malware abuses Microsoft UIA to hunt banking creds

Privacy professionals

New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials

more#coyote-trojan

Ukrainians arrest alleged admin of major crime forum XSS

Ukrainian authorities arrested the suspected administrator of the Russian-language crime forum XSS.is, a key player in global cybercrime.

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations

A critical security vulnerability in Microsoft SharePoint Server, tracked as CVE-2025-53770 with a CVSS score of 9.8, has been weaponized in a large-scale exploitation campaign.

Information security

#android

fromPCWorld

Privacy technologies

Google wants to kill a massive Android TV botnet with lawyers

Information security

New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code

fromPCWorld

Privacy technologies

Google wants to kill a massive Android TV botnet with lawyers

Information security

New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code

more#android

Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices

"The BADBOX 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open Source Project), which lacks Google's security protections."

Privacy professionals

Google finds custom backdoor being installed on SonicWall network devices

The targeted devices are end of life, meaning they no longer receive regular updates for stability and security. Despite the status, many organizations continue to rely on them.

Privacy technologies

Node JS

fromBleepingComputer

North Korean XORIndex malware hidden in 67 malicious npm packages

North Korean threat actors delivered malware through 67 malicious npm packages, affecting over 17,000 downloads.

#macos

fromSecuritymagazine

Apple

New ZuRu Malware Variant Targeting Developers

Apple

New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App

fromSecuritymagazine

Apple

New ZuRu Malware Variant Targeting Developers

Apple

New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App

more#macos

New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries

Since May 2025, activity related to the Interlock RAT has been observed in connection with the LandUpdate808 (aka KongTuke) web-inject threat clusters.

Privacy technologies

Information security

Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

Hackers are exploiting Shellter, a red teaming tool, for malfeasance, distributing stealer malware following a leaked version.

fromIT Pro

Malware as a service explained: What it is and why businesses should take note

MaaS enables low-skilled criminals to easily access sophisticated cyberattack tools, contributing to a surge in cyber threats.

Information security