Hackers are actively abusing interest in AI development tools by launching a sophisticated SEO poisoning campaign that impersonates Anthropic’s Claude Code installation flow to deliver a fully fileless .NET infostealer, according to researchers at Howler Cell. The campaign targets users searching for “Claude Code install,” placing a malicious lookalike page at the top of search […]

The post Fake Claude Code Installer Spreads Fileless .NET Infostealer appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly uncovered supply chain attack dubbed “IronWorm” is leveraging malicious npm packages to compromise developer environments, steal sensitive credentials, and propagate itself across repositories in a worm-like fashion. The campaign, identified in the wild, targets software developers with a particular focus on crypto and Web3 ecosystems, where exposed secrets can yield immediate financial value. […]

The post IronWorm npm Attack Steals Developer Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A rapidly evolving threat cluster tracked as TA4922, a Chinese-speaking cybercriminal actor deploying a diverse and expanding malware arsenal that now includes Atlas RAT, RomulusLoader, SilentRunLoader, and ValleyRAT. The group is notable for its high operational tempo, shifting tactics, and ability to blend custom malware with legitimate tools and cloud services, complicating detection efforts across […]

The post Proofpoint: TA4922 Deploys New RAT and Loader Arsenal appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.