-
Void Dokkaebi, also known as Famous Chollima, is expanding its cyber operations by turning fake job interviews into a large-scale malware distribution campaign targeting developers. The campaign begins with attackers posing as recruiters from cryptocur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New GoGra Linux malware linked to Harvester APT targets systems in South Asia, using fake PDFs and Microsoft APIs for covert command and control.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Malicious npm package js-logger-pack is now abusing Hugging Face not just as a malware CDN, but also as a live exfiltration backend for stolen data, turning a popular AI platform into part of a full-featured cross‑platform implant chain. Earlier campai…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing a fake macOS wallpaper app and a hijacked YouTube channel to quietly deliver notnullOSX, a new crypto-focused stealer that targets Macs via ClickFix commands and weaponized DMG installers. The campaign is highly selective, going aft…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Acronis reveals Mustang Panda is using a new LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A coordinated malware operation is abusing fake GitHub repositories to distribute a LuaJIT-based loader, SmartLoader, and a follow-on StealC infostealer, with at least 109 malicious repos active across 103 accounts. The campaign blends cloned open sour…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Compromised Namastex npm packages are delivering a new TeamPCP-style CanisterWorm variant that targets developer secrets, browser and wallet data, and then attempts to spread across npm and PyPI ecosystems using canister-backed exfiltration infrastruct…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new NGate malware variant that hides inside a trojanized version of HandyPay, a legitimate NFC payment relay app for Android, to steal card data and PINs for ATM cash-outs and fraudulent payments. The injected code shows clear signs of being produced…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over 130,000 users are at risk from fake TikTok downloader extensions on Chrome and Microsoft Edge. Researchers discovered these malicious tools use device fingerprinting to spy on users and steal sensitive browser data.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware campaign is bundling a powerful remote access trojan (RAT) with intrusive adware, giving attackers both long-term control of infected systems and an immediate revenue stream from fraudulent advertising activity. The loader hides two encry…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
