Tag: malware
-
Add-ons for Chrome and Edge: 4.3 Million Devices Infected with Malware via Update
Over several years, hackers published initially harmless extensions for Chrome and Edge. Then updates containing malicious code followed. First seen on golem.de Jump to article: www.golem.de/news/add-ons-fuer-chrome-und-edge-4-3-millionen-geraete-per-update-mit-malware-infiziert-2512-202816.html
-
Iran Hackers Take Inspiration From Snake Video Game
MuddyWater Hides Malware With Game Delay Technique. Iranian nation-state hackers took inspiration from a mobile phone time-killing mainstay, say security researchers who spotted hackers downloading malware masquerading as the Snake video game. A callback to the game isn’t nostalgia, say researchers at Eset. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iran-hackers-take-inspiration-from-snake-video-game-a-30177
-
DevilsTongue Spyware Targets Windows Users Across Multiple Countries
Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing an ongoing campaign deploying the sophisticated DevilsTongue malware against Windows users across several nations. The discovery highlights the persistent threat posed by commercial surveillance tools despite international regulatory efforts to curb their abuse. The investigation…
-
Hackers Exploit Telegram, WinSCP, Chrome, and Teams to Deliver ValleyRat Malware
Researchers have uncovered a sophisticated malware campaign where threat actors weaponize trojanized installers for popular productivity applications to deploy ValleyRat, a persistent remote access tool. The operation demonstrates advanced evasion techniques, including kernel-level driver abuse, endpoint security tampering, and multi-stage obfuscation designed to evade detection and establish long-term system compromise. The campaign has been attributed…
-
Arkanix Stealer Emerges as New Threat: Steals VPN Logins, Wi-Fi Credentials, and Screenshots
A newly discovered information-stealing malware called Arkanix is rapidly evolving to target sensitive user data, including VPN credentials, system information, and wireless network passwords. Security researchers have identified this emerging threat as a short-lived, profit-driven malware designed for quick financial exploitation through the sale of stolen data and direct credential compromise. The threat actors behind…
-
Vaillant CISO: “Start Instead of Waiting”
Tags: business, ciso, compliance, cyber, cyberattack, cyersecurity, dora, germany, group, international, mail, malware, nis-2, phishing, ransomware, resilience, risk, supply-chain. Raphael Reiß, CISO at Vaillant Group: “A modern CISO must not only manage technological risks.” (Vaillant Group) The energy sector is increasingly becoming a focus of cybercriminals. In the view of experts and the German Federal Office for Information Security (BSI), protection in this area must be massively increased. How do you assess the current situation in Germany? Reiß:…
-
Glassworm Malware Targets OpenVSX and Microsoft Visual Studio with 24 New Malicious Packages
Security threats rarely adhere to holiday schedules, and while developers may take time off, malicious actors are working overtime. A significant new wave of software supply chain attacks has been identified targeting the Microsoft Visual Studio Marketplace and OpenVSX platforms. Researchers at Secure Annex have uncovered and tracked 24 new malicious packages linked to the…
-
4.3 Million Chrome and Edge Users Hacked in 7-Year ShadyPanda Malware Campaign
Koi researchers have uncovered a seven-year browser extension operation that has silently compromised at least 4.3 million Chrome and Edge users worldwide. The threat actor, dubbed ShadyPanda, systematically abused browser marketplaces to turn seemingly legitimate extensions into long-term surveillance and remote access platforms. Koi’s investigation identified two ongoing campaigns linked to the same actor. A 300,000-user remote…
-
Glassworm malware returns in third wave of malicious VS Code packages
The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/glassworm-malware-returns-in-third-wave-of-malicious-vs-code-packages/
-
The Hidden Calendar Threat Putting 4 Million Apple Devices at Risk
Hijacked calendar subscriptions are emerging as a stealthy new way for attackers to push phishing and malware directly onto devices. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/the-hidden-calendar-threat-putting-4-million-apple-devices-at-risk/
-
New Android Albiriox Malware Gains Traction in Dark Web Markets
Android malware Albiriox emerged as MaaS, offering device takeover and real-time fraud capabilities. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-maas-malware-albiriox-dark/
-
Am I Part of a Botnet? Check Now for Free
Checking relatives' computers for botnet activity at Christmas: the free GreyNoise IP Check makes it possible. Hacks increasingly target companies because the loot, in the form of ransom and data, is more promising there than with private individuals. That does not mean, however, that an individual is not a worthwhile victim. On the contrary: infecting individuals' computers can…
-
ShadyPanda browser extensions amass 4.3M installs in malicious campaign
A long-running malware operation known as “ShadyPanda” has amassed over 4.3 million installations of seemingly legitimate Chrome and Edge browser extensions that evolved into malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shadypanda-browser-extensions-amass-43m-installs-in-malicious-campaign/
-
Malware Manipulates AI Detection in Latest npm Package Breach
Malicious npm package targets AI security with misleading prompts, exploiting automated analysis. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malware-ai-detection-npm-package/
-
Operation Hanoi Thief: Pseudo-Polyglot Payloads Targeting IT Professionals
SEQRITE Labs APT-Team has uncovered a sophisticated cyberattack campaign dubbed >>Operation Hanoi Thief,
-
Emerging Android threat ‘Albiriox’ enables full On-Device Fraud
Albiriox is new Android MaaS malware enabling on-device fraud and real-time control. It targets 400+ banking, fintech, crypto, and payment apps. Albiriox is a new Android malware sold under a malware-as-a-service model on Russian-speaking cybercrime forums. It provides advanced capabilities for on-device fraud, screen manipulation, and real-time interaction with infected devices. It also includes a…
-
Am I Part of a Botnet? GreyNoise IP Check Page
IoT devices such as routers are increasingly being infected by malware and integrated into a botnet. The question is how a user can easily check whether their own network is part of a botnet. Security vendor GreyNoise has for this … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/01/bin-ich-teil-eines-botnets-sicherheitsanbieter-gray-nose-stellt-ip-check-online/
-
New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control
A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a “full spectrum” of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The malware embeds a hard-coded list comprising over 400 applications spanning banking, financial technology, payment processors, cryptocurrency First seen on thehackernews.com Jump…
-
APT36 Deploys Python-Based ELF Malware in Targeted Attacks on Indian Government Agencies
Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based ELF malware specifically designed to compromise Linux-based BOSS operating environments, according to research published by CYFIRMA. The threat actor, historically focused on Windows systems, has demonstrated expanded technical maturity through multi-platform tooling that bypasses conventional…
-
Am I Part of a Botnet? Gray Nose IP Check Page
IoT devices such as routers are increasingly being infected by malware and integrated into a botnet. The question is how a user can easily check whether their own network is part of a botnet. Security vendor Grey Nose has for … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/01/bin-ich-teil-eines-botnets-sicherheitsanbieter-gray-nose-stellt-ip-check-online/

