- A newly discovered supply chain attack is spreading the GlassWorm malware across multiple developer environments by abusing the OpenVSX extension marketplace. GlassWorm is not new. Researchers have tracked the campaign since March 2025, when attackers …
- macOS Malware notnullOSX targets crypto wallets over $10K, using fake apps, Terminal tricks, and backdoors to steal funds and sensitive data.
- Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours.
- Netskope Threat Labs report a new ClickFix attack using fake CAPTCHAs to deploy Tor-backed NodeJS malware and drain crypto wallets on Windows.
- Hackers are increasingly using fake Zoom and Microsoft Teams meetings to trick victims into infecting their own systems with malware. SEAL says it has blocked 164 malicious domains tied to this operation using MetaMask’s eth-phishing-detect system. The…
- REF1695 hackers spread Monero mining malware via fake non-profit installers, using stealth tactics to evade detection and hijack systems for profit.
- Fake software installers are being used in a long-running malware operation to drop remote access trojans (RATs), Monero cryptominers, and a new .NET implant across multiple campaigns dating back to late 2023. REF1695 relies on ISO-based fake installer…
- Hackers are abusing Windows shortcut files and GitHub to run a stealthy, multi‑stage malware campaign against organizations in South Korea. The operation chains LNK files, PowerShell, and GitHub APIs to deliver surveillance tools while blending into no…
- North Korea’s cyber program is shifting from monolithic “families” to a modular, portfolio-style malware ecosystem designed to survive exposure, frustrate attribution, and keep operations running under constant pressure. Years of sanctions, coordinated…
- Hackers hijacked the npm account of Axios’s lead maintainer. They used it to push two malicious releases that silently installed a cross‑platform remote access trojan (RAT) on macOS, Windows, and Linux systems. Axios is one of the JavaScript ecosystem’…


