Tag: malware
-
How Malware Authors Are Incorporating LLMs to Evade Detection
Cyberattackers are integrating large language models (LLMs) into the malware, running prompts at runtime to evade detection and augment their code on demand. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/malware-authors-incorporate-llms-evade-detection
-
Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks
New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite. First seen on hackread.com Jump to article: hackread.com/microsoft-teams-guest-chat-flaw-malware/
-
Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks
New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite. First seen on hackread.com Jump to article: hackread.com/microsoft-teams-guest-chat-flaw-malware/
-
Russian-Backed Threat Group Uses SocGholish to Target U.S. Company
The Russian state-sponsored group behind the RomCom malware family used the SocGholish loader for the first time to launch an attack on a U.S.-based civil engineering firm, continuing its targeting of organizations that offer support to Ukraine in its ongoing war with its larger neighbor. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/russian-backed-threat-group-uses-socgholish-to-target-u-s-company/
-
Russian-Backed Threat Group Uses SocGholish to Target U.S. Company
The Russian state-sponsored group behind the RomCom malware family used the SocGholish loader for the first time to launch an attack on a U.S.-based civil engineering firm, continuing its targeting of organizations that offer support to Ukraine in its ongoing war with its larger neighbor. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/russian-backed-threat-group-uses-socgholish-to-target-u-s-company/
-
Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks
New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite. First seen on hackread.com Jump to article: hackread.com/microsoft-teams-guest-chat-flaw-malware/
-
Hackers exploit 3D design software to target game developers, animators
Russia-linked hackers are exploiting 3D design tools to infect animators, game developers and visual effects studios with information-stealing malware, according to new research. First seen on therecord.media Jump to article: therecord.media/hackers-blender-software-malware
-
Hackers exploit 3D design software to target game developers, animators
Russia-linked hackers are exploiting 3D design tools to infect animators, game developers and visual effects studios with information-stealing malware, according to new research. First seen on therecord.media Jump to article: therecord.media/hackers-blender-software-malware
-
Chrome Extension Malware Secretly Adds Hidden SOL Fees to Solana Swap Transactions
Security researchers at Socket have uncovered a deceptive Chrome extension called Crypto Copilot that masquerades as a legitimate Solana trading tool while secretly siphoning SOL from users’ swap transactions. The malicious extension, published on June 18, 2024, extracts undisclosed fees by injecting hidden transfer instructions into every transaction users execute. Crypto Copilot markets itself on…
-
Threat Actors Use Fake Update Lures to Deploy SocGholish Malware
In a significant escalation of cyber threats, Arctic Wolf Labs has identified a coordinated campaign in which the Russian-aligned RomCom threat group leverages the SocGholish malware to target a U.S.-based engineering firm with suspected ties to Ukraine. This marks the first documented instance of RomCom payloads being distributed through SocGholish’s infrastructure, signaling a dangerous convergence…
-
Threat Actors Use Fake Update Lures to Deploy SocGholish Malware
In a significant escalation of cyber threats, Arctic Wolf Labs has identified a coordinated campaign in which the Russian-aligned RomCom threat group leverages the SocGholish malware to target a U.S.-based engineering firm with suspected ties to Ukraine. This marks the first documented instance of RomCom payloads being distributed through SocGholish’s infrastructure, signaling a dangerous convergence…
-
Fake Battlefield 6 Downloads Are Spreading Malware, Stealing Player Data
Bitdefender Labs found fake Battlefield 6 pirated copies and trainers spreading aggressive malware, C2 agents, and infostealers, designed to steal player data and crypto-wallets. First seen on hackread.com Jump to article: hackread.com/fake-battlefield-6-downloads-malware-data/
-
Hackers Use Fake “Battlefield 6” Hype to Spread Stealers and C2 Malware
The global gaming community is reeling after Bitdefender Labs revealed widespread malware operations exploiting the blockbuster launch of Electronic Arts’ Battlefield 6, a first-person shooter developed by DICE and released in October. As one of the year’s most anticipated titles, Battlefield 6’s immense popularity has become fertile ground for cybercriminals deploying sophisticated stealers and command-and-control…
-
Hackers Use Fake “Battlefield 6” Hype to Spread Stealers and C2 Malware
The global gaming community is reeling after Bitdefender Labs revealed widespread malware operations exploiting the blockbuster launch of Electronic Arts’ Battlefield 6, a first-person shooter developed by DICE and released in October. As one of the year’s most anticipated titles, Battlefield 6’s immense popularity has become fertile ground for cybercriminals deploying sophisticated stealers and command-and-control…
-
New Malware-as-a-Service ‘Olymp Loader’ Emerges on Hacker Forums With Advanced Anti-Analysis Features
Olymp Loader has emerged as a sophisticated Malware-as-a-Service (MaaS) platform since its public debut in June 2025, quickly establishing itself as a notable threat across underground cybercriminal forums and Telegram channels. Marketed under the alias >>OLYMPO,
-
RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware
The threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent.”This is the first time that a RomCom payload has been observed being distributed by SocGholish,” Arctic Wolf Labs researcher Jacob Faires said in a Tuesday report.The activity has…
-
Dissecting a new malspam chain delivering Purelogs infostealer
The AISI Research Center’s Cybersecurity Observatory publishes the report >>Dissecting a new malspam chain delivering Purelogs infostealer
-
New ClickFix attacks use fake Windows Update screens to fool employees
Run dialog box, Windows Terminal, or Windows PowerShell. This leads to the downloading of scripts that launch malware.Two new tactics are used in the latest ClickFix campaign, says Huntress:the use since early October of a fake blue Windows Update splash page in full-screen, displaying realistic “Working on updates” animations that eventually conclude by prompting the user to…
-
The Latest Shai-Hulud Malware is Faster and More Dangerous
A new iteration of the Shai-Hulud malware that ran through npm repositories in September is faster, more dangerous, and more destructive, creating huge numbers of malicious repositories, compromised scripts, and GitHub users attacked, creating one of the most significant supply chain attacks this year. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-latest-shai-hulud-malware-is-faster-and-more-dangerous/
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of the Anivia Stealer malware in a targeted attack to steal sensitive login credentials and private data from developers’ systems. Thanks to the vigilance of the Checkmarx Zero research team specifically…
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of the Anivia Stealer malware in a targeted attack to steal sensitive login credentials and private data from developers’ systems. Thanks to the vigilance of the Checkmarx Zero research team specifically…
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of the Anivia Stealer malware in a targeted attack to steal sensitive login credentials and private data from developers’ systems. Thanks to the vigilance of the Checkmarx Zero research team specifically…
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of the Anivia Stealer malware in a targeted attack to steal sensitive login credentials and private data from developers’ systems. Thanks to the vigilance of the Checkmarx Zero research team specifically…
-
The Emergence of GPTPowered Ransomware and the Threat to IAM Systems
The cybersecurity landscape is undergoing a profound transformation. Traditional malware, characterized by static code and predictable behaviors, is being eclipsed by a new breed of threats powered by advanced artificial intelligence. A notable example is the emergence of MalTerminal, a malware leveraging OpenAI’s GPT-4 to generate ransomware and reverse shells in real-time. This development marks..…
-
The Emergence of GPTPowered Ransomware and the Threat to IAM Systems
The cybersecurity landscape is undergoing a profound transformation. Traditional malware, characterized by static code and predictable behaviors, is being eclipsed by a new breed of threats powered by advanced artificial intelligence. A notable example is the emergence of MalTerminal, a malware leveraging OpenAI’s GPT-4 to generate ransomware and reverse shells in real-time. This development marks..…

