#malware

[ follow ]
#cybersecurity #phishing #supply-chain-attack #social-engineering #data-theft #open-source #cryptocurrency
#phishing
Information security
fromSecurityWeek
2 hours ago

New Bluekit Phishing Kit Features AI Assistant

Bluekit is a sophisticated phishing kit with AI capabilities, automated domain registration, and extensive templates for various online services.
Information security
fromSecurityWeek
2 hours ago

New Bluekit Phishing Kit Features AI Assistant

Bluekit is a sophisticated phishing kit with AI capabilities, automated domain registration, and extensive templates for various online services.
more#phishing
#cybersecurity
Information security
fromThe Hacker News
2 days ago

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR is a Python-based backdoor framework that enables persistent access and sensitive information harvesting from compromised systems.
Information security
fromInfoWorld
2 days ago

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Attackers view developer workstations as critical access points, targeting them to infiltrate software supply chains.
Information security
fromThe Hacker News
22 hours ago

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

A new China-aligned espionage campaign targets government and defense sectors in Asia and Europe, exploiting vulnerabilities in Microsoft Exchange and IIS servers.
Information security
fromSecurityWeek
1 day ago

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

A new Python-based backdoor framework, Deep#Door, enables persistent remote command execution and surveillance on Windows systems.
Information security
fromThe Hacker News
2 days ago

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR is a Python-based backdoor framework that enables persistent access and sensitive information harvesting from compromised systems.
Information security
fromInfoWorld
2 days ago

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Attackers view developer workstations as critical access points, targeting them to infiltrate software supply chains.
more#cybersecurity
Information security
fromTechRepublic
1 day ago

New Global Scam Uses Fake Meeting Links to Run PowerShell Malware

BlueNoroff hackers exploit fake Zoom calls and fileless malware to steal credentials from Web3 and cryptocurrency organizations.
#open-source
Information security
fromDeveloper Tech News
1 day ago

Open-source registries hit by 'Mini Shai-Hulud' supply chain attacks

The 'Mini Shai-Hulud' worm targets developer credentials across multiple ecosystems, exploiting vulnerabilities in popular packages to steal sensitive information.
Information security
fromTechzine Global
4 days ago

Malicious Python package poses new supply chain threat

The open-source package elementary-data was compromised, leading to the publication of a malicious version that stole sensitive user credentials.
Information security
fromTheregister
2 weeks ago

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.
more#open-source
#software-supply-chain
Information security
fromThe Hacker News
1 day ago

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

A software supply chain attack campaign uses sleeper packages to push malicious payloads for credential theft and tampering.
Information security
fromThe Hacker News
1 day ago

PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

Malicious versions of the Lightning Python package were released, enabling credential theft through an automated attack chain.
Information security
fromThe Hacker News
1 day ago

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

A software supply chain attack campaign uses sleeper packages to push malicious payloads for credential theft and tampering.
Information security
fromThe Hacker News
1 day ago

PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

Malicious versions of the Lightning Python package were released, enabling credential theft through an automated attack chain.
more#software-supply-chain
Information security
fromSecurityWeek
1 day ago

Hugging Face, ClawHub Abused for Malware Distribution

Threat actors exploit AI distribution platforms to distribute malware through trojanized shared files, relying on social engineering tactics to deceive users.
Information security
fromSecurityWeek
1 day ago

1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom

Over 1,800 developers were impacted by the Mini Shai-Hulud supply chain attack affecting multiple package ecosystems.
#supply-chain-attacks
Information security
fromTheregister
1 day ago

Ongoing supply chain attacks worm into SAP npm packages

Supply chain attacks have compromised multiple npm packages, including those from SAP and Intercom, with credential-stealing malware affecting developers.
Information security
fromInfoWorld
3 days ago

More fake extensions linked to GlassWorm found in Open VSX code marketplace

73 new fraudulent extensions have been added to the Open VSX marketplace, continuing supply chain attacks that download GlassWorm malware.
Information security
fromTheregister
3 days ago

Don't pay VECT a ransom - your big files are likely gone

Organizations affected by Trivy and LiteLLM compromises that paid Vect likely received little data recovery, according to Check Point Research.
Information security
fromTheregister
1 day ago

Ongoing supply chain attacks worm into SAP npm packages

Supply chain attacks have compromised multiple npm packages, including those from SAP and Intercom, with credential-stealing malware affecting developers.
Information security
fromInfoWorld
3 days ago

More fake extensions linked to GlassWorm found in Open VSX code marketplace

73 new fraudulent extensions have been added to the Open VSX marketplace, continuing supply chain attacks that download GlassWorm malware.
Information security
fromTheregister
3 days ago

Don't pay VECT a ransom - your big files are likely gone

Organizations affected by Trivy and LiteLLM compromises that paid Vect likely received little data recovery, according to Check Point Research.
more#supply-chain-attacks
Information security
fromSecurityWeek
1 day ago

SAP NPM Packages Targeted in Supply Chain Attack

Four SAP NPM packages were compromised with malicious code, targeting cloud application workflows and stealing sensitive credentials.
Information security
fromThe Hacker News
3 days ago

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

A Brazilian cybercrime group targets Minecraft players with LofyStealer malware disguised as a hack called 'Slinky'.
Information security
fromSecurityWeek
4 days ago

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware

Over 70 extensions in the Open VSX marketplace are likely linked to GlassWorm malware, designed to steal sensitive information and deploy malware.
Software development
fromArs Technica
4 days ago

Open source package with 1 million monthly downloads stole user credentials

Developers must uninstall version 0.23.3 of elementary-data due to security vulnerabilities and follow specific remediation steps.
Information security
fromSecurityWeek
1 week ago

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

GopherWhisper is a newly identified APT using legitimate services for command-and-control communication and data exfiltration, primarily targeting a Mongolian government entity.
Information security
fromSecurityWeek
1 week ago

US Federal Agency's Cisco Firewall Infected With 'Firestarter' Backdoor

A US federal agency was infected with malware due to vulnerabilities in Cisco firewalls linked to a China-backed espionage campaign.
#bitwarden
Information security
fromSecurityWeek
1 week ago

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package was compromised, enabling credential theft through a malicious payload targeting various cloud services and GitHub repositories.
fromThe Hacker News
1 week ago
Information security

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI was compromised in the Checkmarx supply chain campaign, with malicious code stealing sensitive data from users.
Information security
fromSecurityWeek
1 week ago

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package was compromised, enabling credential theft through a malicious payload targeting various cloud services and GitHub repositories.
more#bitwarden
Information security
fromTechCrunch
1 week ago

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch

Vercel experienced a data breach affecting customer accounts, with evidence of prior compromises suggesting broader security implications.
Information security
fromThe Hacker News
1 week ago

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

Vercel identified additional compromised customer accounts linked to a security incident involving unauthorized access to its internal systems.
#npm
Information security
fromInfoWorld
1 week ago

Malicious pgserve, automagik developer tools found in npm registry

Malicious npm packages aim to steal sensitive data and credentials, potentially leading to complete organizational takeovers.
Information security
fromTheregister
1 week ago

Another npm supply chain worm hits dev environments

A new npm supply-chain attack targets developer workflows, compromising multiple packages and stealing sensitive data, with similarities to previous CanisterWorm infections.
Information security
fromInfoWorld
1 week ago

Malicious pgserve, automagik developer tools found in npm registry

Malicious npm packages aim to steal sensitive data and credentials, potentially leading to complete organizational takeovers.
Information security
fromTheregister
1 week ago

Another npm supply chain worm hits dev environments

A new npm supply-chain attack targets developer workflows, compromising multiple packages and stealing sensitive data, with similarities to previous CanisterWorm infections.
more#npm
Information security
fromTechRepublic
1 week ago

Malicious TikTok Downloader Extensions Quietly Compromised 130K Users

Browser extensions disguised as TikTok video downloaders are compromising user data, highlighting vulnerabilities in enterprise security.
#north-korea
Information security
fromSecurityWeek
1 week ago

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers are targeting macOS users in financial organizations using social engineering techniques to install information-stealing malware.
Information security
fromThe Hacker News
3 weeks ago

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Contagious Interview campaign targets Go, Rust, and PHP ecosystems with malicious packages that function as malware loaders.
more#north-korea
Information security
fromSecurityWeek
1 week ago

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity's vulnerabilities have attracted both security researchers and cybercriminals, leading to risks of remote code execution and malware delivery.
Information security
fromThe Hacker News
1 week ago

Mustang Panda's New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

A new variant of LOTUSLITE malware targets India's banking sector, focusing on espionage rather than financial gain.
Information security
fromThe Hacker News
1 week ago

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

The Gentlemen ransomware group uses SystemBC malware to target over 1,570 victims, employing sophisticated tactics for initial access and lateral movement.
Information security
fromTheregister
1 week ago

macOS ClickFix attacks deliver AppleScript stealers

A ClickFix campaign targets macOS users with an AppleScript infostealer that collects sensitive data from various browsers and cryptocurrency wallets.
Information security
fromSecurityWeek
1 week ago

Dozens of Malicious Crypto Apps Land in Apple App Store

Over two dozen fake cryptocurrency apps targeting iOS users have been found in the Apple App Store, aimed at stealing recovery phrases and private keys.
Information security
fromTechRepublic
1 week ago

Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Hackers exploit Android's overlay feature to capture PINs and monitor user interactions across over 800 apps using banking trojans.
Information security
fromTechzine Global
1 week ago

Kubernetes attack surface explodes: number of threats quadruples

Kubernetes faces a surge in cyberattacks, with a 282% increase in attempts, particularly targeting the IT sector and crypto exchanges.
Information security
fromThe Hacker News
1 week ago

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

ZionSiphon malware targets Israeli water treatment systems, showcasing a trend in politically motivated attacks on critical infrastructure.
Information security
fromThe Hacker News
2 weeks ago

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors exploit vulnerabilities in TBK DVR and TP-Link routers to deploy Mirai-botnet variants, targeting IoT devices for large-scale attacks.
#n8n
more#n8n
#wordpress
Information security
fromTechRepublic
2 weeks ago

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

Malicious WordPress plugins with backdoors compromised thousands of websites, demonstrating a supply-chain attack and leading to their permanent removal.
Information security
fromTechCrunch
2 weeks ago

Someone planted backdoors in dozens of WordPress plugins used in thousands of websites | TechCrunch

Dozens of WordPress plugins were compromised by a backdoor, distributing malicious code after a change in ownership of the plugin maker.
Information security
fromThe Hacker News
3 weeks ago

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Unknown threat actors hijacked the Smart Slider 3 Pro plugin update system to distribute a backdoored version affecting WordPress and Joomla users.
Information security
fromTechRepublic
2 weeks ago

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

Malicious WordPress plugins with backdoors compromised thousands of websites, demonstrating a supply-chain attack and leading to their permanent removal.
Information security
fromTechCrunch
2 weeks ago

Someone planted backdoors in dozens of WordPress plugins used in thousands of websites | TechCrunch

Dozens of WordPress plugins were compromised by a backdoor, distributing malicious code after a change in ownership of the plugin maker.
Information security
fromThe Hacker News
3 weeks ago

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Unknown threat actors hijacked the Smart Slider 3 Pro plugin update system to distribute a backdoored version affecting WordPress and Joomla users.
more#wordpress
Information security
fromThe Hacker News
2 weeks ago

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A social engineering campaign exploits Obsidian to distribute PHANTOMPULSE trojan targeting financial and cryptocurrency sectors.
Information security
fromTechCrunch
2 weeks ago

Adobe fixes PDF zero-day security bug that hackers have exploited for months | TechCrunch

Adobe patched a critical vulnerability in Acrobat DC and Reader DC that allowed hackers to remotely install malware via malicious PDF files.
Information security
fromThe Hacker News
2 weeks ago

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

JanelaRAT malware targets financial institutions in Latin America, stealing sensitive data and employing advanced infection techniques.
Information security
fromTechRepublic
3 weeks ago

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.
Privacy technologies
fromThe Hacker News
3 weeks ago

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

Google's Device Bound Session Credentials enhance security for Chrome users by tying authentication sessions to specific devices, combating session theft.
fromnews.bitcoin.com
3 weeks ago

ZachXBT Publishes Leaked DPRK Payment Data Showing $1M Monthly Crypto-to-Fiat Pipeline

The internal platform at the center of the investigation was luckyguys.site, also referred to internally as WebMsg. It functioned as a Discord-style messenger, allowing DPRK IT workers to report payments to their handlers.
Cryptocurrency
Information security
fromThe Hacker News
3 weeks ago

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.
Information security
fromThe Hacker News
3 weeks ago

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

A zero-day vulnerability in Adobe Reader is being exploited through malicious PDF documents to harvest sensitive data and execute additional payloads.
[ Load more ]