Hackers Hide Linux Malware in SSH-Like Package Filename

Hackers have been observed disguising a malicious Linux payload under an SSH-like filename during software installation, as part of a coordinated supply chain attack targeting developer ecosystems. The attack hinges on a hidden post-install script embe…

·

cyber security, Cyber Security News, Linux, Malware

¶¶¶¶¶

Iranian APT Uses SEO Poisoning to Spread Fake SQL Developer Malware

A newly observed cyber campaign linked to the Iranian IRGC-affiliated threat group Nimbus Manticore (also tracked as UNC1549) highlights an evolution in both delivery tactics and malware sophistication. The activity, uncovered during the ongoing geopol…

·

APT, cyber security, Cyber Security News, Malware

¶¶¶¶¶

Kazuar Malware Becomes Modular Spyware for Secret Blizzard Ops

A major evolution in the Kazuar malware family, a long-standing cyber espionage tool linked to the Russian state-sponsored threat group Secret Blizzard, also known as Turla and Venomous Bear. Kazuar historically supported espionage campaigns targeting …

·

cyber security, Cyber Security News, Malware, spyware

¶¶¶¶¶

RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers

Cybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers.

·

ASUS, Botnet, Cyber Attack, Cyber-Attacks, cybersecurity, IoT, Malware, Mirai, RondoDox, Routers, Security

¶¶¶¶¶

5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours

SafeDep uncovered the Megalodon attack targeting 5,561 GitHub repositories with malicious CI workflows and cloud credential theft.

·

Cyber Attack, Cyber-Attacks, cybersecurity, GitHub, Malware, Megalodon, SafeDep, Security, Supply Chain

¶¶¶¶¶

Android Malware Secretly Signs Users Up for Premium Services

Android users are being targeted by a large-scale malware campaign that silently subscribes victims to premium mobile services without their knowledge. The malware campaign focuses on carrier billing fraud, abusing premium SMS services to generate reve…

·

Android, cyber security, Cyber Security News, Malware

¶¶¶¶¶

Hackers Hide Malware in Nested macOS-Style Folders to Evade Scans

Hackers are increasingly adopting stealthy delivery techniques, and a newly uncovered spear-phishing campaign shows how nested macOS-like folder structures can be abused to evade detection while deploying advanced malware. The phishing email carries a …

·

cyber security, Cyber Security News, macOS, Malware

¶¶¶¶¶

Megalodon Malware Rapidly Infects Over 5,500 GitHub Repositories

A newly identified malware campaign dubbed “Megalodon” has compromised more than 5,500 GitHub repositories, raising serious concerns about the security of open-source ecosystems. Security researchers from SafeDep report that the malware spreads through…

·

cyber security, Cyber Security News, Malware

¶¶¶¶¶

Hackers Abuse Hugging Face to Deliver npm Malware

A newly uncovered supply chain attack targeting the npm ecosystem has been linked to North Korean (DPRK)-aligned threat actors. The campaign centers around a malicious npm package named terminal-logger-utils, which embeds a sophisticated multi-stage ma…

·

cyber security, Cyber Security News, Malware

¶¶¶¶¶

Android Malware Spotted Subscribing Victims to Paid Services Without Consent

Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.

·

Android, Cyber Attack, Cyber Crime, cybersecurity, Fraud, Malware, Privacy, SCAM, Scams and Fraud, Security, Zimperium, zLabs

¶¶¶¶¶

1010.cx

1010.cx

Category: Malware