A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered a new Android click-fraud trojan family that uses TensorFlow.js ML models to visually detect and tap ads, avoiding traditional script-based methods. The malware is distributed via Xiaomi’s GetApps, it […]
That LinkedIn message pretending to be job offer could just be malwre.
Sysdig TRT analysis reveals VoidLink as a revolutionary Linux threat. Using Serverside Rootkit Compilation and Zig code, it targets AWS and Azure with adaptive stealth.
The hackers trick victims into accessing GitHub or GitLab repositories that are opened using Visual Studio Code.
The post North Korean Hackers Target macOS Developers via Malicious VS Code Projects appeared first on SecurityWeek.
Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical developer Alan Pope warned. SnapScope web app identifies malicious snaps (So…
VoidLink is a cloud-focused Linux malware, likely built by one person using AI, offering loaders, implants, rootkit evasion, and modular plugins. Check Point researchers uncovered VoidLink, a cloud-focused Linux malware framework likely built by a single developer with help from an AI model. VoidLink includes custom loaders, implants, rootkit-based evasion features, and dozens of plugins […]
Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigation of a network intrusion attempt that was successfully prevented by a Fortune 100 energy corporation. The threat actor contacted their staff, impersonating technical support, and used social […]
Huntress discovers ‘CrashFix,’ a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware.
Indian music streaming platform Raaga has become the latest victim of a significant cybersecurity incident after sensitive user data was posted for sale on a popular hacking forum in December 2025. The breach has exposed personal …
Providing cyberespionage and remote code execution capabilities, the malware is executed via DLL sideloading.
The post APT-Grade PDFSider Malware Used by Ransomware Groups appeared first on SecurityWeek.