Tag: malware
-
Hohes Malware-Risiko: Mitarbeiter installieren in Unternehmen raubkopierte Software auf Arbeitsgeräten
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/hoch-malware-risiko-mitarbeiter-installation-unternehmen-raubkopien-software-arbeitsgeraete
-
Code in Nischensprachen hebelt Anomalieerkennung aus
Die offenbar vom pakistanischen Staat unterstützte Malware-Gruppe APT36 setzt bei der Entwicklung ihrer Malware jetzt auf künstliche Intelligenz. Zu diesem Ergebnis kommt eine aktuelle Analyse der Bitdefender Labs. Ein KI-Modell unterstützt die Akteure, Malware in industriellem Ausmaß zu generieren. Verfügbare Malware lässt sich in gering verbreitete Programmiersprachen übersetzen sowie betriebssystemunabhängig und damit effektiv verbreiten. Beweise…
-
Threat Actors Exploit Fake Claude Code Downloads to Deploy Infostealer Malware
Threat actors are abusing interest in Anthropic’s Claude Code tools by setting up fake download pages that ultimately drop a lightweight infostealer via mshta.exe. The campaign shows how a single living”‘off”‘the”‘land binary (LOLBIN) can power an effective data”‘theft chain without any complex malware framework. Attackers register or compromise domains that appear to be legitimate Claude Code…
-
That attractive online ad might be a malware trap
Malware increasingly travels through the infrastructure that delivers online advertising. The Media Trust’s Global Report on Digital Trust, Ad Integrity, and the Protection of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/the-media-trust-ad-malware-risks-report/
-
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country’s Ministry of Foreign Affairs to deliver a set of never-before-seen malware.Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the cluster under the name Dust Specter. The attacks, which manifest in the form…
-
UAT-9244 targets South American telecommunication providers with three new malware implants
Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat (APT) actor closely associated with Famous Sparrow. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-9244/
-
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow.”The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning border…
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
BadPaw and MeowMeow: Russian Cyber Offensive Targets Ukraine with Novel Malware Duo
The post BadPaw and MeowMeow: Russian Cyber Offensive Targets Ukraine with Novel Malware Duo appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/badpaw-and-meowmeow-russian-cyber-offensive-targets-ukraine-with-novel-malware-duo/
-
BadPaw and MeowMeow: Russian Cyber Offensive Targets Ukraine with Novel Malware Duo
The post BadPaw and MeowMeow: Russian Cyber Offensive Targets Ukraine with Novel Malware Duo appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/badpaw-and-meowmeow-russian-cyber-offensive-targets-ukraine-with-novel-malware-duo/
-
Fake Zoom, Teams Meeting Invites Use Compromised Certificates to Drop Malware
A new phishing campaign is using stolen certificates from TrustConnect Software PTY LTD to sign malware. By impersonating updates for Zoom and Microsoft Teams, hackers install RMM tools to gain persistent, privileged access to networks First seen on hackread.com Jump to article: hackread.com/fake-zoom-teams-invites-malware-certificates/
-
Malware-laced OpenClaw installers get Bing AI search boost
Think before you download First seen on theregister.com Jump to article: www.theregister.com/2026/03/04/fake_openclaw_installers_malware/
-
Attackers are using your network against you, according to Cloudflare
Blind spots in complex cloud environments allow identity-based attacks to achieve the same outcome as complex malware or zero-day exploits. Sophistication need not apply. First seen on cyberscoop.com Jump to article: cyberscoop.com/cloudflare-annual-threat-report-2026/
-
Multi-Stage BadPaw Malware Campaign Targets Ukraine
Malware campaign uses Ukrainian email service for credibility, deploying BadPaw to execute attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/badpaw-malware-targets-ukraine/
-
Russian hackers deploy new malware in phishing campaign targeting Ukraine
Researchers have identified a suspected Russian espionage campaign targeting Ukraine that uses two previously undocumented malware strains. First seen on therecord.media Jump to article: therecord.media/russian-ukraine-hackers-malware
-
Attackers abuse OAuth’s built-in redirects to launch phishing and malware attacks
Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/attackers-abuse-oauths-built-in-redirects-to-launch-phishing-and-malware-attacks/
-
Iranian cyberattacks fail to materialize but threat remains acute
Tags: ai, application-security, attack, ceo, control, country, cyber, cyberattack, cybercrime, cybersecurity, defense, endpoint, finance, government, group, healthcare, infrastructure, intelligence, Internet, iran, malware, mfa, monitoring, phishing, risk, service, supply-chain, technology, threat, tool, update, vpnTargeting and response: According to Adrian Cheek, a senior cybercrime researcher at Canadian threat intelligence company Flare, the most at-risk sectors are critical infrastructure, including the defense and government supply chain, financial services, energy, and healthcare.”Water, energy, and healthcare sectors are currently the most exposed. These sectors combine high targeting priority with weak baseline security,…
-
Chinesische Cyberspionage-Gruppe Silver-Dragon hat Behörden in Europa und Asien im Visier
Die Sicherheitsforensiker von Check Point Research (CPR) haben eine Cyberspionage-kampagne identifiziert, die sich gegen Regierungs-organisationen in Südostasien und Teilen Europas richtet. CPR nennt die Gruppe ‘Silver Dragon>> und nach Einschätzung der Sicherheitsexperten ist sie seit mindestens Mitte 2024 aktiv. Die Kampagne kombiniert Server-Exploits, Phishing, maßgeschneiderte Malware und eine cloudbasierte Befehlsinfrastruktur, um langfristigen Zugriff auf die…
-
Iran”‘Linked “Dust Specter” APT Deploys AI”‘Aided Malware Against Iraqi Officials
Iran”‘nexus APT group “Dust Specter” is targeting Iraqi government officials with AI”‘assisted custom .NET malware, using dual attack chains that blend DLL sideloading, in”‘memory PowerShell, and ClickFix”‘style lures. In January 2026, Zscaler ThreatLabz tracked a new campaign against Iraqi officials in which the actor impersonated Iraq’s Ministry of Foreign Affairs and abused compromised government infrastructure…
-
VoidLink Malware Framework Targets Kubernetes and AI Workloads in New Cyber Attack Wave
VoidLink marks a turning point in how adversaries target Kubernetes and AI workloads, signaling a shift toward cloud-native, AI-aware malware frameworks that live where modern value is created: inside containers, pods, and GPU clusters.research. It fingerprints its surroundings to detect major clouds such as AWS, GCP, Azure, Alibaba, and Tencent, and distinguishes whether it is…
-
VoidLink Malware Framework Targets Kubernetes and AI Workloads in New Cyber Attack Wave
VoidLink marks a turning point in how adversaries target Kubernetes and AI workloads, signaling a shift toward cloud-native, AI-aware malware frameworks that live where modern value is created: inside containers, pods, and GPU clusters.research. It fingerprints its surroundings to detect major clouds such as AWS, GCP, Azure, Alibaba, and Tencent, and distinguishes whether it is…
-
Telegram Increasingly Used to Sell Access, Malware and Stolen Logs
Cybercriminals are now increasingly using Telegram to sell corporate access, malware subscriptions, and stealer logs, turning the messaging app into a fast cybercrime hub. First seen on hackread.com Jump to article: hackread.com/telegram-used-sell-access-malware-stolen-logs/
-
Von Vibe Hacking bis hin zu Flat-Pack-Malware
HP hat seinen aktuellen Threat Insights Report veröffentlicht und zeigt, wie künstliche Intelligenz zunehmend von Angreifern genutzt wird, um Cyberangriffe schneller, kostengünstiger und effizienter durchzuführen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/vibe-hacking-flat-pack-malware
-
HP Wolf Security Report: KI beschleunigt Low-Quality-Angriffe durch modulare Malware und Automatisierung
Der aktuelle Report von HP Wolf Security zeigt, dass Cyberkriminelle zunehmend auf Künstliche Intelligenz setzen, um Angriffe schneller, flexibler und automatisierter umzusetzen. KI-gestützte ‘Vibe-Hacking”-Techniken kommen in Infektionsskripten zum Einsatz First seen on infopoint-security.de Jump to article: www.infopoint-security.de/hp-wolf-security-report-ki-beschleunigt-low-quality-angriffe-durch-modulare-malware-und-automatisierung/a43937/