Tag: malware
-
Medical School Hamburg schützt ihre EKommunikation mit smarter Komplettlösung
Heute schützt NoSpamProxy Protection die Nutzenden sicher vor Spam, Phishing, Malware und anderen Bedrohungen wie CEO-Fraud. Rund 40% des eingehenden E-Mail-Verkehrs werden so im Vorfeld als ungewollt erkannt First seen on infopoint-security.de Jump to article: www.infopoint-security.de/medical-school-hamburg-schuetzt-ihre-e-mail-kommunikation-mit-smarter-komplettloesung/a43072/
-
Windows shortcuts’ use as a vector for malware may be cut short
Windows shortcut files (.lnk) have long been a convenient hiding place for attackers because Windows Explorer only displayed the first 260 characters of the command in a shortcut’s properties. Anything appended after a long string of spaces stayed invisible to the user.The issue is tracked as CVE-2025-9491, with security analysts assigning a high-severity CVSS rating…
-
SpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than by Malware
Austin, TX, USA, 4th December 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/spycloud-data-shows-corporate-users-3x-more-likely-to-be-targeted-by-phishing-than-by-malware/
-
SpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than by Malware
Austin, TX, USA, 4th December 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/spycloud-data-shows-corporate-users-3x-more-likely-to-be-targeted-by-phishing-than-by-malware/
-
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shadypandas-years-long-browser-hack-infected-4-3-million-users/
-
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shadypandas-years-long-browser-hack-infected-4-3-million-users/
-
Newly Sold Albiriox Android Malware Targets Banks and Crypto Holders
Cleafy analysis reveals Albiriox, a new Android Malware-as-a-Service (MaaS) RAT that targets over 400 global banking and crypto apps. Learn how ODF fraud enables full device takeover. First seen on hackread.com Jump to article: hackread.com/albiriox-android-malware-targets-banks-crypto/
-
PickleScan Uncovers 0-Day Vulnerabilities Allowing Arbitrary Code Execution via Malicious PyTorch Models
JFrog Security Research has uncovered three critical zero-day vulnerabilities in PickleScan, a widely-adopted industry-standard tool for scanning machine learning models and detecting malicious content. These vulnerabilities would enable attackers to completely bypass PickleScan’s malware detection mechanisms, potentially facilitating large-scale supply chain attacks by distributing malicious ML models containing undetectable code. The discoveries underscore a fundamental…
-
Sryxen Malware Uses Headless Browser Trick to Bypass Chrome Protections
A new Windows-focused information stealer dubbed “Sryxen” is drawing attention in the security community for its blend of modern browser credential theft and unusually aggressive anti-analysis protections. Sold as malware-as-a-service (MaaS) and written in C++ for 64-bit Windows, Sryxen targets browser secrets, Discord tokens, VPNs, social accounts, and crypto wallets, then exfiltrates everything to its…
-
Sryxen Malware Uses Headless Browser Trick to Bypass Chrome Protections
A new Windows-focused information stealer dubbed “Sryxen” is drawing attention in the security community for its blend of modern browser credential theft and unusually aggressive anti-analysis protections. Sold as malware-as-a-service (MaaS) and written in C++ for 64-bit Windows, Sryxen targets browser secrets, Discord tokens, VPNs, social accounts, and crypto wallets, then exfiltrates everything to its…
-
GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services.The activity, observed since October 2024, involves distributing modified banking applications that act as a conduit for Android malware, Group-IB said in a technical First…
-
Shai-Hulud 2.0 NPM-Malware-Angriff erbeutet ~400 K Entwickler-Geheimnisse
Seit voriger Woche treibt Shai-Hulud 2.0, ein Wurm, sein Unwesen und schleust sich über NPM-Pakete von einem Opfer zum nächsten. Bisher wurden Zugangsdaten von über 25.000 GitHub-Repositories entwendet und bis zu 400.000 Entwicklergeheimnisse offoen gelegt. Auch die Sicherheitsforscher von Sysdig haben den … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/04/shai-hulud-2-0-npm-malware-angriff-erbeutet-400-k-entwickler-geheimnisse/
-
Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets
The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shai-hulud-20-npm-malware-attack-exposed-up-to-400-000-dev-secrets/
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
Schwachstelle für Malware-Verteilung genutzt – Notfall-Update für kritische RCE-Sicherheitslücke in WSUS
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-notfall-patch-kritische-wsus-sicherheitsluecke-a-d338bab93ebc2563e1999cae18f17e00/
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
MuddyWater strikes Israel with advanced MuddyViper malware
Iran-linked threat actor MuddyWater targeted multiple Israeli sectors with a new MuddyViper backdoor in recent attacks. ESET researchers uncovered a new MuddyWater campaign targeting Israeli organizations and one confirmed Egyptian target. The Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) deployed custom tools to evade defenses and maintain persistence. They used a Fooder loader,…
-
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea’s most persistent infiltration schemes: a network of remote IT workers tied to Lazarus Group’s Famous Chollima division.For the first time, researchers…
-
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea’s most persistent infiltration schemes: a network of remote IT workers tied to Lazarus Group’s Famous Chollima division.For the first time, researchers…
-
Add-ons für Chrome und Edge: 4,3 Millionen Geräte per Update mit Malware infiziert
Hacker haben über mehrere Jahre hinweg zunächst harmlose Erweiterungen für Chrome und Edge veröffentlicht. Doch dann sind Updates mit Schadcode gekommen. First seen on golem.de Jump to article: www.golem.de/news/add-ons-fuer-chrome-und-edge-4-3-millionen-geraete-per-update-mit-malware-infiziert-2512-202816.html
-
Iran Hackers Take Inspiration From Snake Video Game
MuddyWater Hides Malware With Game Delay Technique. Iranian nation-state hackers took inspiration from a mobile phone time-killing mainstay, say security researchers who spotted hackers downloading malware masquerading as the Snake video game. A callback to the game isn’t nostalgia, say researchers at Eset. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iran-hackers-take-inspiration-from-snake-video-game-a-30177
-
DevilsTongue Spyware Targets Windows Users Across Multiple Countries
Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing an ongoing campaign deploying the sophisticated DevilsTongue malware against Windows users across several nations. The discovery highlights the persistent threat posed by commercial surveillance tools despite international regulatory efforts to curb their abuse. The investigation…
-
Iran Hackers Take Inspiration From Snake Video Game
MuddyWater Hides Malware With Game Delay Technique. Iranian nation-state hackers took inspiration from a mobile phone time-killing mainstay, say security researchers who spotted hackers downloading malware masquerading as the Snake video game. A callback to the game isn’t nostalgia, say researchers at Eset. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iran-hackers-take-inspiration-from-snake-video-game-a-30177
-
DevilsTongue Spyware Targets Windows Users Across Multiple Countries
Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing an ongoing campaign deploying the sophisticated DevilsTongue malware against Windows users across several nations. The discovery highlights the persistent threat posed by commercial surveillance tools despite international regulatory efforts to curb their abuse. The investigation…
-
Hackers Exploit Telegram, WinSCP, Chrome, and Teams to Deliver ValleyRat Malware
Researchers have uncovered a sophisticated malware campaign where threat actors weaponize trojanized installers for popular productivity applications to deploy ValleyRat, a persistent remote access tool. The operation demonstrates advanced evasion techniques, including kernel-level driver abuse, endpoint security tampering, and multi-stage obfuscation designed to evade detection and establish long-term system compromise. The campaign has been attributed…
-
Arkanix Stealer Emerges as New Threat: Steals VPN Logins, Wi-Fi Credentials, and Screenshots
A newly discovered information-stealing malware called Arkanix is rapidly evolving to target sensitive user data, including VPN credentials, system information, and wireless network passwords. Security researchers have identified this emerging threat as a short-lived, profit-driven malware designed for quick financial exploitation through the sale of stolen data and direct credential compromise. The threat actors behind…
-
Hackers Exploit Telegram, WinSCP, Chrome, and Teams to Deliver ValleyRat Malware
Researchers have uncovered a sophisticated malware campaign where threat actors weaponize trojanized installers for popular productivity applications to deploy ValleyRat, a persistent remote access tool. The operation demonstrates advanced evasion techniques, including kernel-level driver abuse, endpoint security tampering, and multi-stage obfuscation designed to evade detection and establish long-term system compromise. The campaign has been attributed…
-
Vaillant-CISO: “Starten statt Warten”
Tags: business, ciso, compliance, cyber, cyberattack, cyersecurity, dora, germany, group, international, mail, malware, nis-2, phishing, ransomware, resilience, risk, supply-chainRaphael Reiß, CISO bei Vaillant Group: “Ein moderner CISO muss nicht nur technologische Risiken managen.” Vaillant GroupDer Energiesektor gerät zunehmend in den Fokus von Cyberkriminellen. Aus Sicht von Experten und des Bundesamtes für Sicherheit in der Informationstechnik (BSI) muss der Schutz in diesem Bereich massiv erhöht werden. Wie beurteilen Sie die aktuelle Lage in Deutschland?Reiß:…