Tag: malware
-
Data Leak Exposes 149M Logins, Including Gmail, Facebook
A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-149-million-passwords-exposed-infostealer-database/
-
Researchers say Russian government hackers were behind attempted Poland power outage
Security researchers have attributed the attempted use of destructive “wiper” malware across Poland’s energy infrastructure in late December to a Russian-backed hacking group known for causing power outages in neighboring Ukraine. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/23/researchers-say-russian-government-hackers-were-behind-attempted-poland-power-outage/
-
US to deport Venezuelans who emptied bank ATMs using malware
South Carolina federal prosecutors announced that two Venezuelan nationals convicted of stealing hundreds of thousands of dollars from U.S. banks in an ATM jackpotting scheme will be deported after serving their sentences. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-to-deport-venezuelans-who-emptied-bank-atms-using-malware/
-
From Incident to Insight: How Forensic Recovery Drives Adaptive Cyber Resilience
When ransomware cripples a business’s systems or stealthy malware slips past defenses, the first instinct is to get everything back online as quickly as possible. That urgency is understandable: Cybersecurity Ventures estimates ransomware damage costs $156 million per day. But businesses cannot let speed overshadow the more pressing need to understand exactly what happened…
-
Fake Captcha Exploits Trusted Web Infrastructure to Distribute Malware
Fake Captcha and “ClickFix” lures have emerged as among the most persistent and deceptive malware-delivery mechanisms on the modern web. These pages mimic legitimate verification challenges from trusted services like Cloudflare, tricking users into executing malicious commands disguised as security checks or browser validation steps. What appears to be a routine security interstitial, something millions…
-
Attackers abuse remote monitoring and management tools as a backdoor
KnowBe4 Threat Labs reports on a sophisticated dual-vector campaign that demonstrates the threat chain following the compromise of credentials. Rather than deploying custom malware, the attackers bypass security perimeters by abusing IT tools that IT administrators trust. By obtaining a “master key” to the system, they turn legitimate remote monitoring and management (RMM) software into a persistent…
-
What are drive-by download attacks?
A drive-by download attack is a type of cyber threat where malicious software is downloaded and installed on a user’s device without their knowledge or consent simply by visiting a compromised or malicious website. Unlike traditional malware attacks, users often do not have to click a link or open an attachment; the infection can…
-
No malware needed: hackers trick Google’s Gemini with a calendar entry
First seen on t3n.de Jump to article: t3n.de/news/keine-malware-noetig-hacker-tricksen-googles-gemini-mit-einem-kalendereintrag-aus-1726136/
-
Machine learning-powered Android Trojans bypass script-based Ad Click detection
A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered a new Android click-fraud trojan family that uses TensorFlow.js ML models to visually detect and tap ads, avoiding traditional script-based methods. The malware is distributed via Xiaomi’s GetApps, it…
-
AI-generated malware threatens developers and blockchain ecosystems
Check Point Research has published the results of its analysis of a new phishing campaign in connection with <>. The malware family is attributed to the North Korean group APT37. Based on the analysis, the security researchers conclude that AI-generated malware is now ready for use and that cyber criminals are no longer merely experimenting with it. The campaign targets software developers and engineers who work on blockchain and…
-
Hackers Exploit Snap Domains to Inject Malicious Code into Linux Software Packages
Snaps are compressed, cryptographically signed, revertable software packages for Linux desktops, servers, and embedded devices. A sophisticated campaign targeting Canonical’s Snap Store has escalated dramatically, with threat actors shifting from publishing malware under new accounts to hijacking established publishers through expired domain takeovers. This represents a fundamental erosion of trust signals that Linux users previously…
-
VoidLink Malware Puts Cloud Systems on High Alert With Custom Built Attacks
Sysdig TRT analysis reveals VoidLink as a revolutionary Linux threat. Using Serverside Rootkit Compilation and Zig code, it targets AWS and Azure with adaptive stealth. First seen on hackread.com Jump to article: hackread.com/voidlink-malware-cloud-system-custom-built-attack/
-
VoidLink malware was almost entirely made by AI
What VoidLink signals for enterprise security: Check Point’s analysis frames the malware as an important indicator of how threat development itself is changing. The researchers emphasize that the significance of VoidLink lies less in its current deployment and more in how quickly it was created using AI-driven processes. VoidLink is designed to operate on Linux systems…
-
Malicious PyPI Package Impersonates sympy-dev, Targeting Millions of Users
A dangerous supply-chain attack targeting the Python Package Index (PyPI) involves a malicious package named sympy-dev impersonating SymPy, one of the world’s most widely used symbolic mathematics libraries. The fraudulent package employs sophisticated typosquatting tactics and multi-stage execution to deliver cryptomining malware while avoiding detection. The malicious sympy-dev package directly copies SymPy’s official project…
-
New AI-Powered Android Malware Automatically Clicks Ads on Infected Devices
A sophisticated new Android malware family dubbed “Android.Phantom” […] “phantom” […] “signaling” controlled from the hxxps://dllpgd[.]click command server. The ML model downloads from hxxps://app-download[.]cn-wlcb[.]ufileos[.]com and analyzes screenshots of virtual screens to identify and automatically click ad […]
-
ClearFake malware Exploits Proxy Execution to Run Malicious PowerShell Commands via Trusted Windows Feature
A sophisticated evolution of the ClearFake malware campaign has emerged, deploying advanced evasion techniques that abuse legitimate Windows components to bypass endpoint detection systems. The operation, which has compromised hundreds of websites since August 2025, now leverages a command injection vulnerability in a trusted Windows script to silently execute malicious PowerShell code, while hosting its…
-
Securing the Future: Practical Approaches to Digital Sovereignty in Google Workspace
madhav, Thu, 01/22/2026 – 04:35. In today’s rapidly evolving digital landscape, data privacy and sovereignty have become top priorities for organizations worldwide. With the proliferation of cloud services and the tightening of global data protection regulations, security professionals face mounting pressure to ensure their…
-
Coder Builds Malware in Week With AI Help
Check Point Identifies VoidLink Framework First ‘Advanced’ AI-Generated Threat. A single developer built a Linux malware framework in less than a week using artificial intelligence, said security researchers. Check Point researchers say this is a case of AI-generated malware reaching operational maturity at a pace that challenges assumptions about development timelines. First seen on govinfosecurity.com…
-
Complex VoidLink Linux Malware Created by AI
Researchers say the advanced framework was built almost entirely by agents, marking a significant evolution in the use of AI to develop wholly original malware. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/voidlink-linux-malware-ai
-
Weaponized Shipping Documents Spread Remcos RAT in Stealthy Malware Campaign
A sophisticated phishing campaign is distributing a fileless variant of Remcos RAT, a commercial remote access tool offering extensive capabilities, including system resource management, remote surveillance, network management, and agent control. The campaign initiates through phishing emails impersonating Vietnamese shipping companies, tricking recipients into opening attached Word documents under the pretense of viewing updated shipping documents.…
-
VoidLink Emerges: First Fully AI-Driven Malware Signals a New Era of Cyber Threats
A sophisticated Linux malware framework has been developed almost entirely through artificial intelligence, marking the beginning of a new era in AI-powered threats. Unlike previous AI-generated malware linked to inexperienced threat actors, VoidLink represents the first documented case of high-complexity, production-grade malware authored by AI under the direction of a skilled developer. Development artifacts exposed through operational…
-
Voidlink Linux Malware Was Built Using an AI Agent, Researchers Reveal
Sophisticated malware previously thought to be the work of a well-resourced cyber-crime group was built by one person – with the aid of AI tools. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/voidlink-linux-malware-built-using/
-
Linux users targeted by crypto thieves via hijacked apps on Snap Store
Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/21/linux-malware-snap-store/

