-
North Korean threat actors have escalated their Contagious Interview campaign, deploying 338 malicious npm packages with over 50,000 downloads to target cryptocurrency and blockchain developers through sophisticated social engineering tactics. The stat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new malware campaign targeting Windows systems has emerged, leveraging Node.js Single Executable Application (SEA) features to distribute malicious payloads while evading traditional detection mechanisms. The Stealit malware represents a significant evolution in malware-as-a-service operations, combining advanced obfuscation techniques with extensive anti-analysis capabilities to establish persistent control over infected systems. The campaign has been […] The post New Stealit Malware Attacking Windows Systems Abuses Node.js Extensions appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has successfully addressed one of Windows 11’s most frustrating issues with its latest preview builds, finally fixing the notorious “update and shut down” glitch that has plagued users since the operating system’s 2021…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in Happy DOM, a popular JavaScript library used for server-side rendering and testing frameworks. The flaw, tracked as CVE-2025-61927, enables attackers to escape the virtual machine context and exe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a sophisticated new campaign targeting WhatsApp users in Brazil with self-propagating malware designed to steal banking credentials and cryptocurrency exchange login information. The attack, first detected on Se…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Spanish law enforcement recently dismantled an advanced AI-driven phishing network and arrested the mastermind developer known as “GoogleXcoder.” This operation marks a significant victory in the fight against banking credential theft in Spain. Cybercr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new cybercriminal conglomerate known as Scattered Lapsus$ Hunters has emerged as a significant threat to global organizations, claiming responsibility for massive data breaches targeting Salesforce customer tenants. The group, also referred to as SP1…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Huntress have detected a widespread attack campaign targeting SonicWall SSL VPN devices across multiple customer environments, with over 100 accounts compromised since early October. The attacks appear coordinated and sophi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Oracle has issued a critical security alert for a severe vulnerability in its E-Business Suite platform that could allow attackers to execute remote code and steal sensitive data without requiring authentication. The flaw, identified as CVE-2025-6…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
McAfee’s Threat Research team recently uncovered a sophisticated new Astaroth campaign that represents a significant evolution in malware infrastructure tactics. This latest variant has abandoned traditional command-and-control (C2) server depend…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
