-
Hackers are abusing fake download sites for popular tools like FinalShell and Xshell to deliver a new remote access trojan known as Kong RAT, in a highly staged and stealthy campaign that ran from at least May 2025 through March 2026. In this campaign,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at Ontinue have discovered an undocumented malware campaign targeting developers with fake Claude Code installers to steal browser passwords and cookies.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Operation HumanitarianBait uses fake aid documents, GitHub-hosted payloads, and Python spyware to target Russian-speaking victims.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are now abusing hijacked Microsoft Teams accounts and fake IT helpdesk chats to push a new, undocumented version of the Python‑based ModeloRAT into corporate environments. Instead, they use compromised or newly created Microsoft Teams accounts …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
North Korean threat actors have introduced a stealthy new delivery mechanism in their ongoing “Contagious Interview” campaign, shifting tactics to abuse Git hooks for malware execution. The attack begins with a familiar social engineering lure. Victims…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply‑chain attacks, with Microsoft warning that version 2.4.6 of the mistralai package was backdoored to silently deploy a credential‑stealing payload on Linux syste…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
TrickMo, the Android banking malware, has resurfaced with a significantly redesigned architecture, targeting banking, fintech, wallet, and authenticator applications while introducing advanced stealth and network capabilities. Rather than introducing e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A malicious Hugging Face repository, Open-OSS/privacy-filter, that abused the platform’s trust and trending algorithm to deliver a sophisticated Rust-based infostealer to Windows users. The project briefly reached the #1 trending position with roughly …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenClaw users are being targeted in a fresh malware campaign that abuses a fake installer to steal credentials from popular crypto wallets and password managers, including MetaMask, Phantom, and Bitwarden. The archive contains a 130MB Rust executable …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
