Tag: malware
-
Cursor, Windsurf and Co.: Vibe-Coding Tools Can Recommend Malware to Users
First seen on t3n.de Jump to article: t3n.de/news/cursor-windsurf-vibe-coding-tools-empfehlen-usern-malware-1724004/
-
Missing MFA Strikes Again: Hacker Hits Collaboration Tools
Terabytes of Data Stolen From Cloud-Based Collaboration Tools, Researchers Warn. Dozens of organizations that use real-time content collaboration platforms appear to have lost not only credentials but also terabytes of hosted data to information-stealing malware being wielded by an initial access broker with a sideline in auctioning large volumes of stolen data. First seen on…
-
Kimwolf Android botnet abuses residential proxies to infect internal devices
The Kimwolf botnet, an Android variant of the Aisuru malware, has grown to more than two million hosts, most of them infected by exploiting vulnerabilities in residential proxy networks to target devices on internal networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kimwolf-android-botnet-abuses-residential-proxies-to-infect-internal-devices/
-
Fake Windows BSODs check in at Europe’s hotels to con staff into running malware
Phishers posing as Booking.com use panic-inducing blue screens to bypass security controls. First seen on theregister.com Jump to article: www.theregister.com/2026/01/06/russia_hackers_hotel_bsods/
-
CloudEyE MaaS Downloader and Cryptor Infects Over 100,000 Users Globally
ESET Research has uncovered a significant surge in CloudEyE malware detections, with a 30-fold increase in the second half of 2025. The security firm detected more than 100,000 infection attempts over the six months, signaling a widespread threat affecting organizations globally. CloudEyE operates as a Malware-as-a-Service (MaaS) downloader and cryptor designed to conceal and deploy…
-
Threat Actors Exploit Office Assistant to Deliver Malicious Mltab Browser Plugin
A sophisticated malware campaign has been discovered exploiting Office Assistant, a widely used AI-powered productivity software in China, to distribute a malicious browser plugin that hijacks user traffic and exfiltrates sensitive information. The RedDrip Team from QiAnXin Technology’s Threat Intelligence Center uncovered this operation, which has been active since at least May 2024 and has…
-
Cursor, Windsurf, Google Antigravity IDEs Linked to Malicious Extension Exposure
A critical supply chain vulnerability has been discovered affecting millions of developers using popular AI-powered IDEs, including Cursor, Windsurf, and Google Antigravity. Security researchers revealed that these coding environments were actively recommending non-existent extensions, allowing potential attackers to upload malware that users would unthinkingly install. The issue stems from how these tools were built. Cursor,…
-
New VVS Stealer Malware Targets Discord Users via Fake System Errors
Palo Alto Networks’ new report reveals VVS Stealer uses Discord Injection and fake error messages to steal tokens and MFA codes. Protect your account from this new Python-based threat. First seen on hackread.com Jump to article: hackread.com/vvs-stealer-malwar-discord-system-errors/
-
Malware on the March: Hackers Trick Windows Users with Fake Blue Screens
A blue screen that comes with the fix included? Too good to be true. A dangerous malware infection looms. First seen on golem.de Jump to article: www.golem.de/news/malware-im-anmarsch-hacker-tricksen-windows-nutzer-mit-fake-bluescreens-aus-2601-203847.html
-
BluelineStealer Becomes SantaStealer as Malware-as-a-Service: SantaStealer Steals Passwords and Wallets on a Subscription Model
First seen on security-insider.de Jump to article: www.security-insider.de/santastealer-malware-as-a-service-a-7200f61d533a0771f520ffa425c6ae7c/
-
Russian hackers target European hospitality industry with ‘blue screen of death’ malware
The scheme starts with a fake reservation cancellation that impersonates a popular booking site, and eventually prompts victims with an error message and “Blue Screen of Death” page. First seen on therecord.media Jump to article: therecord.media/russian-hackers-europe-hospitality-blue-screen
-
Malware Campaign Abuses Booking.com Against Hospitality Sector
Securonix is detailing a multi-stage campaign that starts with a bogus Booking.com message that runs through a ClickFix technique and a fake Blue Screen of Death before dropping the DCRat malware that gives the attackers full remote control of the victim’s system. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/malware-campaign-abuses-booking-com-against-hospitality-sector/
-
What is Stealc Malware?
Stealc malware is an advanced information-stealing malware (infostealer) designed to secretly collect sensitive data from infected systems. Its primary focus is on web browsers, where it extracts saved passwords, cookies, autofill data, and session information. In many cases, it also targets cryptocurrency wallets and system files, making it a high-risk threat for both individuals and……
-
Taiwan subjected to 2.6 million Chinese cyberattacks a day in 2025
This article originally appeared on ComputerSweden. More on cyberattacks: Cybersecurity firm turns tables on threat actors with decoy data trap; Iranian APT Prince of Persia returns with new malware and C2 infrastructure; ‘Ink Dragon’ threat group targets IIS servers to build stealthy global network. First seen on csoonline.com Jump to article: www.csoonline.com/article/4112834/taiwan-subjected-to-2-6-million-chinese-cyberattacks-a-day-in-2025.html
-
VVS Stealer Uses Advanced Obfuscation to Target Discord Users
A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal data. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/vvs-stealer-advanced-obfuscation/
-
PyArmor Obfuscation as a Method to Hinder Static and Signature-Based Analysis
Malware authors continue to adopt legitimate software protection tools to shield their malicious code from security researchers. A prime example is the “VVS Stealer,
-
Threat Actors Abuse Trusted Business Infrastructure to Host Infostealers
In a disturbing evolution of the cybercrime landscape, a self-sustaining cycle of infection has emerged in which victims of malware are being unwillingly conscripted into the ranks of attackers. New research from the Hudson Rock Threat Intelligence Team, in collaboration with the newly released ClickFix Hunter platform, reveals that a significant portion of domains hosting…
-
Windows and Office: Activation Tool Infects 2.8 Million Systems with Malware
A 29-year-old is alleged to have infected countless PCs with malware. Victims were lured with a free activation for Windows and Office. First seen on golem.de Jump to article: www.golem.de/news/windows-und-office-aktivierungstool-infiziert-2-8-millionen-systeme-mit-malware-2601-203792.html
-
VVS Stealer, a new Python malware steals Discord credentials
VVS Stealer is a Python-based malware that steals Discord credentials and tokens and has been sold on Telegram since at least April 2025. Palo Alto Networks researchers uncovered VVS Stealer, a Python-based malware that steals Discord credentials and tokens and has been sold on Telegram since at least April 2025. VVS Stealer uses the source…
-
New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code
Cybersecurity researchers have disclosed details of a new Python-based information stealer called VVS Stealer (also styled as VVS $tealer) that’s capable of harvesting Discord credentials and tokens. The stealer is said to have been on sale on Telegram as far back as April 2025, according to a report from Palo Alto Networks Unit 42. “VVS stealer’s code…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 78
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Evasive Panda APT poisons DNS requests to deliver MgBot; Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations; EmEditor Supply Chain Incident Details Disclosed: Distribution of Information-Stealing Malware Sweeps…
-
How to Protect Your iPhone or Android Device From Spyware
Being targeted by sophisticated spyware is relatively rare, but experts say that everyone needs to stay vigilant as this dangerous malware continues to proliferate worldwide. First seen on wired.com Jump to article: www.wired.com/story/how-to-protect-your-iphone-or-android-device-from-spyware/
-
DarkSpectre Malware Hit 8.8M Browsers via Malicious Extensions
DarkSpectre infected over 8.8 million browser users by abusing trusted extensions and advanced evasion techniques. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/darkspectre-malware-hit-8-8m-browsers-via-malicious-extensions/
-
RondoDoX Botnet Abuses React2Shell Vulnerability for Malware Deployment
Tags: attack, botnet, control, cyber, data-breach, exploit, infrastructure, iot, malware, threat, vulnerability
CloudSEK has uncovered a sustained nine-month campaign by the RondoDoX botnet operation, revealing rapid exploitation of emerging vulnerabilities including the critical React2Shell vulnerability. Analysis of exposed command-and-control logs spanning March through December 2025 demonstrates how threat actors swiftly adapted attack infrastructure following public disclosure, pivoting from traditional IoT targets to weaponizing Next.js applications within days…

