Tag: malware
-
Linux users targeted by crypto thieves via hijacked apps on Snap Store
Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/21/linux-malware-snap-store/
-
VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code
The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person with assistance from an artificial intelligence (AI) model. That’s according to new findings from Check Point Research, which identified operational security blunders by the malware’s author that provided clues to its developmental origins. The latest insight makes…
-
VoidLink shows how one developer used AI to build a powerful Linux malware
VoidLink is a cloud-focused Linux malware, likely built by one person using AI, offering loaders, implants, rootkit evasion, and modular plugins. Check Point researchers uncovered VoidLink, a cloud-focused Linux malware framework likely built by a single developer with help from an AI model. VoidLink includes custom loaders, implants, rootkit-based evasion features, and dozens of plugins…
-
VoidLink Represents the Future of AI-Developed Malware: Check Point
Check Point dug into the details of VoidLink and found sophisticated, quickly developed malware that was mostly generated using AI, putting a spotlight on what the future of cyber threats looks like. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/voidlink-represents-the-future-of-ai-developed-malware-check-point/
-
VoidLink cloud malware shows clear signs of being AI-generated
The recently discovered cloud-focused VoidLink malware framework is believed to have been developed by a single person with the help of an artificial intelligence model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/
-
VoidLink: First documented AI-generated malware of this complexity
VoidLink represents a genuine paradigm shift in the development of advanced malware. Not only the technical sophistication but above all the enormous pace of development was remarkable. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/voidlink-erste-belegte-ki-generierte-malware-dieser-komplexitaet/a43426/
-
50 companies hacked: Hacker allegedly sold malware to the FBI
A 40-year-old man from Jordan traded in malware, among other things. After the FBI caught him, he now faces up to ten years in prison. First seen on golem.de Jump to article: www.golem.de/news/haftstrafe-droht-50-firmen-gehackt-und-malware-an-das-fbi-verkauft-2601-204410.html
-
Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
Tags: access, cybersecurity, exploit, hacker, linkedin, malicious, malware, open-source, phishing, rat
Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers “weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script,” ReliaQuest said in a report shared with First…
-
What six billion malware-compromised credentials reveal about the most common passwords
Specops has published its annual Breached Password Report 2026, which analyzes more than 6 billion stolen passwords collected from January to December 2025 by the threat intelligence team at Outpost24, the parent company of Specops. The report shows that credential theft is no longer an isolated incident or a short-lived event. Instead, stolen passwords are collected on a large scale, …
-
Gootloader Malware With Low Detection Rate Evades Most Security Tools
Gootloader malware has resurfaced, employing sophisticated evasion techniques to exploit malformed ZIP archives and obfuscation mechanisms to bypass security detection systems. The Gootloader malware campaign, tracked as a partnership between Storm-0494 and Vanilla Tempest, has returned in late 2025 with an alarming ability to evade detection. The threat operates through a specialized delivery mechanism a…
-
Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
Cybersecurity researchers have disclosed details of a malware campaign that’s targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. “The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developer First seen on thehackernews.com Jump to article: thehackernews.com/2026/01/evelyn-stealer-malware-abuses-vs-code.html
-
Suspect confesses: 50 companies hacked and malware sold to the FBI
Tags: malware
A man from Jordan traded in malware, among other things. After the FBI caught him, he now faces up to ten years in prison. First seen on golem.de Jump to article: www.golem.de/news/haftstrafe-droht-50-firmen-gehackt-und-malware-an-das-fbi-verkauft-2601-204410.html
-
CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension
Payload delivery: When the user executes the supplied commands, a multistage infection process begins that ultimately deploys a previously undocumented Python-based remote access trojan, which the researchers dubbed ModelRAT. The malware establishes persistence and enables remote control of the infected system. Huntress’ telemetry suggested differing behavior based on the environment. Systems joined to a domain were…
-
Crashfix: Ad blocker deliberately crashes the browser
Tags: malware
Attackers are targeting people interested in ad blockers. Using a fake uBlock Origin Lite, they lure searchers into a malware trap. First seen on golem.de Jump to article: www.golem.de/news/crashfix-adblocker-erweiterung-bringt-browser-absichtlich-zum-absturz-2601-204394.html
-
Crashfix: Ad blocker extension deliberately crashes the browser
Tags: malware
Attackers are targeting people interested in ad blockers. Using a fake uBlock Origin Lite, they lure searchers into a malware trap. First seen on golem.de Jump to article: www.golem.de/news/crashfix-adblocker-erweiterung-bringt-browser-absichtlich-zum-absturz-2601-204394.html
-
VoidLink Debuts AI-Assisted, Server-Side Kernel Compilation Rootkit Technique
On January 13, 2026, Check Point Research published its analysis of VoidLink, a Chinese-developed Linux malware framework designed to target cloud environments. Following this disclosure, the Sysdig Threat Research Team (TRT) examined VoidLink’s binaries to understand its loader chain, rootkit internals, and control mechanisms. VoidLink’s most significant innovation addresses a persistent challenge in Linux malware:…
-
Secure web browsers for the enterprise compared: How to pick the right one
Tags: access, ai, android, api, attack, browser, business, chrome, cloud, computer, control, corporate, data, encryption, endpoint, fortinet, gartner, google, guide, identity, linux, login, malicious, malware, mfa, mobile, monitoring, network, okta, phishing, saas, service, siem, software, technology, threat, tool, training, vpn, windows, zero-trust
Enable MFA at the beginning of any browser session by default. Handle isolation controls both with respect to the user’s session and to isolate any application from cross-infection. This means controlling the movement of data between the browser, your particular endpoint and the web application or applications involved. Control access to web destinations, either to allow or…
-
Discord Exploited to Spread Clipboard Hijacker Stealing Cryptocurrency Funds
CloudSEK’s STRIKE team has uncovered a sophisticated cryptocurrency theft operation orchestrated by the threat actor “RedLineCyber,” who deliberately impersonates the notorious RedLine Solutions to establish credibility within underground communities. Rather than collecting comprehensive system data, the malware employs a highly targeted approach: continuously monitoring the Windows clipboard for cryptocurrency wallet addresses and performing silent substitution…
-
SolyxImmortal Malware Abuses Discord to Quietly Harvest Sensitive Information
A newly discovered information-stealing malware, SolyxImmortal, has emerged as a persistent surveillance threat targeting Windows users. Distributed through underground Telegram channels, this Python-based implant combines credential theft, document harvesting, keystroke logging, and screen capture capabilities into a continuously running surveillance framework that operates silently in the background. First detected in January 2026, the malware prioritizes…
-
Google Ads Exploited to Deliver TamperedChef Through Malicious PDF Editor
A sophisticated malvertising campaign tracked as TamperedChef has compromised over 100 organizations across 19 countries by distributing weaponized PDF editing software through Google Ads. Sophos Managed Detection and Response (MDR) teams discovered the operation in September 2025, revealing a multi-layered attack infrastructure designed to steal browser credentials and establish persistent backdoor access on Windows systems.…
-
This Intune update isn’t optional, it’s a kill switch for outdated apps
Tags: access, android, authentication, business, control, corporate, cybersecurity, data, infrastructure, malware, microsoft, mitigation, password, phone, risk, service, switch, threat, tool, update
iOS line-of-business (LOB) and custom iOS apps using the Intune App SDK must update to SDK version 20.8.0 or later for apps compiled with Xcode 16, and to 21.1.0 or later for apps compiled with Xcode 26. Apps using the wrapper must update to the new version of the Intune App Wrapping Tool for iOS: version…
-
Operation Poseidon: Konni APT Hijacks Google Naver Ads for Malware
The post Operation Poseidon: Konni APT Hijacks Google Naver Ads for Malware appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/operation-poseidon-konni-apt-hijacks-google-naver-ads-for-malware/

