Tag: malware
-
VoidLink malware was almost entirely made by AI
What VoidLink signals for enterprise security: Check Point’s analysis frames the malware as an important indicator of how threat development itself is changing. The researchers emphasize that the significance of VoidLink lies less in its current deployment and more in how quickly it was created using AI-driven processes. VoidLink is designed to operate on Linux systems…
-
Malicious PyPI Package Impersonates sympy-dev, Targeting Millions of Users
A dangerous supply-chain attack targeting the Python Package Index (PyPI) involves a malicious package named sympy-dev impersonating SymPy, one of the world’s most widely used symbolic mathematics libraries. The fraudulent package employs sophisticated typosquatting tactics and multi-stage execution to deliver cryptomining malware while avoiding detection. The malicious sympy-dev package directly copies SymPy’s official project…
-
New AI-Powered Android Malware Automatically Clicks Ads on Infected Devices
A sophisticated new Android malware family dubbed >>Android.Phantom<>phantom<>signaling<< controlled from the hxxps://dllpgd[.]click command server. The ML model downloads from hxxps://app-download[.]cn-wlcb[.]ufileos[.]com and analyzes screenshots of virtual screens to identify and automatically click ad […] First…
-
ClearFake malware Exploits Proxy Execution to Run Malicious PowerShell Commands via Trusted Windows Feature
Tags: cyber, detection, endpoint, exploit, injection, malicious, malware, powershell, vulnerability, windows
A sophisticated evolution of the ClearFake malware campaign has emerged, deploying advanced evasion techniques that abuse legitimate Windows components to bypass endpoint detection systems. The operation, which has compromised hundreds of websites since August 2025, now leverages a command injection vulnerability in a trusted Windows script to silently execute malicious PowerShell code, while hosting its…
-
Securing the Future: Practical Approaches to Digital Sovereignty in Google Workspace
Tags: access, attack, ciso, cloud, compliance, computing, container, control, data, defense, dora, email, encryption, GDPR, google, Hardware, healthcare, identity, infrastructure, law, malware, network, privacy, regulation, resilience, risk, service, software, strategy, zero-trust
madhav, Thu, 01/22/2026 – 04:35
In today’s rapidly evolving digital landscape, data privacy and sovereignty have become top priorities for organizations worldwide. With the proliferation of cloud services and the tightening of global data protection regulations, security professionals face mounting pressure to ensure their…
-
Coder Builds Malware in Week With AI Help
Check Point Identifies VoidLink Framework First ‘Advanced’ AI-Generated Threat. A single developer built a Linux malware framework in less than a week using artificial intelligence, said security researchers. Check Point researchers say this is a case of AI-generated malware reaching operational maturity at a pace that challenges assumptions about development timelines. First seen on govinfosecurity.com…
-
Complex VoidLink Linux Malware Created by AI
Researchers say the advanced framework was built almost entirely by agents, marking a significant evolution in the use of AI to develop wholly original malware. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/voidlink-linux-malware-ai
-
VoidLink Emerges: First Fully AI-Driven Malware Signals a New Era of Cyber Threats
VoidLink is a sophisticated Linux malware framework developed almost entirely through artificial intelligence, marking the beginning of a new era in AI-powered threats. Unlike previous AI-generated malware linked to inexperienced threat actors, VoidLink represents the first documented case of high-complexity, production-grade malware authored by AI under the direction of a skilled developer. Development artifacts exposed through operational…
-
Weaponized Shipping Documents Spread Remcos RAT in Stealthy Malware Campaign
A sophisticated phishing campaign is distributing a fileless variant of Remcos RAT, a commercial remote access tool offering extensive capabilities, including system resource management, remote surveillance, network management, and agent control. The campaign initiates through phishing emails impersonating Vietnamese shipping companies, tricking recipients into opening attached Word documents under the pretense of viewing updated shipping documents.…
-
Voidlink Linux Malware Was Built Using an AI Agent, Researchers Reveal
Sophisticated malware previously thought to be the work of a well-resourced cyber-crime group was built by one person – with the aid of AI tools. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/voidlink-linux-malware-built-using/
-
Linux users targeted by crypto thieves via hijacked apps on Snap Store
Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/21/linux-malware-snap-store/
-
VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code
The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person with assistance from an artificial intelligence (AI) model. That’s according to new findings from Check Point Research, which identified operational security blunders by the malware’s author that provided clues to its developmental origins. The latest insight makes…
-
VoidLink shows how one developer used AI to build a powerful Linux malware
VoidLink is a cloud-focused Linux malware, likely built by one person using AI, offering loaders, implants, rootkit evasion, and modular plugins. Check Point researchers uncovered VoidLink, a cloud-focused Linux malware framework likely built by a single developer with help from an AI model. VoidLink includes custom loaders, implants, rootkit-based evasion features, and dozens of plugins…
-
VoidLink Represents the Future of AI-Developed Malware: Check Point
Check Point dug into the details of VoidLink and found sophisticated, quickly developed malware that was mostly generated using AI, putting a spotlight on what the future of cyber threats looks like. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/voidlink-represents-the-future-of-ai-developed-malware-check-point/
-
VoidLink cloud malware shows clear signs of being AI-generated
The recently discovered cloud-focused VoidLink malware framework is believed to have been developed by a single person with the help of an artificial intelligence model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/
-
VoidLink: First documented AI-generated malware of this complexity
VoidLink represents a genuine paradigm shift in the development of advanced malware. Not only the technical sophistication but, above all, the enormous pace of development was remarkable. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/voidlink-erste-belegte-ki-generierte-malware-dieser-komplexitaet/a43426/
-
50 companies hacked: Hacker allegedly sold malware to the FBI
A 40-year-old man from Jordan traded in malware, among other things. Now that the FBI has caught him, he faces up to ten years in prison. First seen on golem.de Jump to article: www.golem.de/news/haftstrafe-droht-50-firmen-gehackt-und-malware-an-das-fbi-verkauft-2601-204410.html
-
Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
Tags: access, cybersecurity, exploit, hacker, linkedin, malicious, malware, open-source, phishing, rat
Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers “weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script,” ReliaQuest said in a report shared with First…
-
What six billion credentials compromised by malware reveal about the most common passwords
Specops published its annual Breached Password Report 2026, which analyzes more than 6 billion stolen passwords collected from January to December 2025 by the threat intelligence team of Outpost24, the parent company of Specops. The report shows that credential theft is no longer an isolated incident or a short-lived event. Instead, stolen passwords are collected on a large scale, …
-
Gootloader Malware With Low Detection Rate Evades Most Security Tools
Gootloader malware has resurfaced, employing sophisticated evasion techniques to exploit malformed ZIP archives and obfuscation mechanisms to bypass security detection systems. The Gootloader malware campaign, tracked as a partnership between Storm-0494 and Vanilla Tempest, has returned in late 2025 with an alarming ability to evade detection. The threat operates through a specialized delivery mechanism a…
-
Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
Cybersecurity researchers have disclosed details of a malware campaign that’s targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. “The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developer First seen on thehackernews.com Jump to article: thehackernews.com/2026/01/evelyn-stealer-malware-abuses-vs-code.html
-
Suspect confesses: 50 companies hacked and malware sold to the FBI
Tags: malware
A man from Jordan traded in malware, among other things. Now that the FBI has caught him, he faces up to ten years in prison. First seen on golem.de Jump to article: www.golem.de/news/haftstrafe-droht-50-firmen-gehackt-und-malware-an-das-fbi-verkauft-2601-204410.html

