Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4
Hackers are hiding XWorm malware in PyInstaller files to bypass Windows security, steal data and remotely control devices through ads.
Cyber Attack
CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts.
Popular node-ipc npm Library Hit by Supply Chain Attack, Impacting 822K Weekly Downloads
A widely used npm package with more than 822,000 weekly downloads has once again become the center of a serious supply chain attack, raising fresh concerns across the JavaScript ecosystem. Security researchers at Socket have uncovered multiple maliciou…
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords.
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,…
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations.
Foxconn Hit by Cyberattack, Nitrogen Ransomware Gang Claims Involvement
In a massive blow to the global electronics supply chain, manufacturing giant Foxconn has confirmed a major cyberattack on its North American operations. The notorious Nitrogen ransomware gang has claimed responsibility, boasting that it stole a stagge…
TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack
TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems.
TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack
TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems.
Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak
Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a public leak.