New npm Malware Attack Infects Popular Ethereum Library with Backdoor
Security researchers at ReversingLabs have discovered a new malware campaign on the npm package repository, revealing a new…
Hackers Exploit COM Objects for Fileless Malware and Lateral Movement
Security researchers Dylan Tran and Jimmy Bayne have unveiled a new fileless lateral movement technique that exploits trapped Component Object Model (COM) objects in Windows systems. This method, based on research by James Forshaw of Google Project Zer…
New IOCONTROL Malware Let Attackers Control Critical Infrastructure & Gain Remote Access
A new malware strain called IOCONTROL has emerged, posing a significant threat to Internet of Things (IoT) devices and operational technology (OT) systems, particularly those in critical infrastructure. First observed in December 2024, IOCONTROL is all…
BlackLock Ransomware Targeted by Cybersecurity Firm
Resecurity found an LFI flaw in the leak site of BlackLock ransomware, exposing clearnet IPs and server details. Resecurity has identified a Local File Include (LFI) vulnerability in Data Leak Site (DLS) of BlackLock Ransomware. Cybersecurity experts were able to exploit misconfiguration in vulnerable web-app used by ransomware operators to publish victims’ data – leading […]
YouTube Creators Targeted by Weaponized Brand Deals Using ‘Clickflix’ Attack Tactic
A new wave of cyberattacks is targeting YouTube creators, leveraging fake brand collaboration offers to distribute malware. Cybersecurity firm CloudSEK has uncovered a sophisticated phishing campaign that employs the “Clickflix” technique t…
macOS Users Warned of New Versions of ReaderUpdate Malware
macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages.
The post macOS Users Warned of New Versions of ReaderUpdate Malware appeared first on SecurityWeek.
Raspberry Robin Unveils 200 Unique Domains Used by Threat Actors
In a significant development, cybersecurity firm Silent Push has identified nearly 200 unique command and control (C2) domains associated with the Raspberry Robin malware. This discovery sheds new light on the infrastructure used by this sophisticated …
Cybercriminals Bypass Security Using Legitimate Tools & Browser Extensions to Deliver Malware
In the second half of 2024, cybercriminals have increasingly leveraged legitimate Microsoft tools and browser extensions to bypass security measures and deliver malware, according to Ontinue’s latest Threat Intelligence Report. Threat actors are …
Android malware campaigns use .NET MAUI to evade detection
Researchers warn of a new Android malware that uses .NET MAUI to mimic legit services and evade detection. McAfee researchers warn of Android malware campaigns using .NET MAUI to evade detection. These threats disguise themselves as legitimate services to steal sensitive information from users. .NET MAUI (Multi-platform App UI) is a cross-platform framework by Microsoft […]
Banking Malware Infects 248,000 Mobile Users Through Social Engineering Techniques
In 2024, the number of users affected by mobile banking malware skyrocketed to nearly 248,000, a staggering 3.6-fold increase from the previous year’s 69,000 affected users. This dramatic rise in malicious activity was particularly pronounced in …