The official website for Xubuntu, a community-maintained “flavour” of Ubuntu that ships with the Xfce desktop environment, has been compromised to serve Windows malware instead of the Linux distro. The malicious download Reports about a pot…
China-linked Salt Typhoon hacked a European telecom in July 2025 via a Citrix NetScaler Gateway exploit for initial access. A European telecom firm was targeted in July 2025 by China-linked APT group Salt Typhoon (also known as Earth Estries, FamousSparrow, GhostEmperor, UNC5807, RedMike)), which exploited a Citrix NetScaler Gateway to gain initial access. In late […]
The malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns.
The post Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware appeared first on SecurityWeek.
A new campaign targets Russia’s auto and e-commerce sectors using a previously unknown .NET malware called CAPI Backdoor. Cybersecurity researchers at Seqrite Labs uncovered a new campaign, tracked as Operation MotorBeacon, that targeted the Russian automobile and e-commerce sectors with a previously unknown .NET malware dubbed CAPI Backdoor. “SEQRITE Labs Research Team has recently uncovered a […]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Astaroth: Banking Trojan Abusing GitHub for Resilience North Korea’s Contagious Interview Campaign Escalates: 338 Malicious npm Packages, 50,000 Downloads New Rust Malware “ChaosBot” Uses Discord for Command and Control Weaponizing Discord for Command and […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Winos 4.0 hackers expand to Japan and Malaysia with new malware From Airport chaos to cyber […]
Winos 4.0 hackers expand from China, Taiwan to Japan, Malaysia using fake Finance Ministry PDFs to spread HoldingHands RAT malware. Threat actors behind Winos 4.0 (ValleyRAT) have expanded their attacks from China and Taiwan to Japan and Malaysia, using PDFs disguised as documents from the Finance Ministry to deliver malware. Attackers employed another remote access […]
Everest claims Collins Aerospace hack hitting EU airports, but its leak site vanishes soon after, sparking takedown speculation. Do you remember the Collins Aerospace supply chain attack that disrupted operations at several major European airports, including Heathrow in London, Brussels, and Berlin? In September, a cyberattack on Collins Aerospace disrupted check-in and boarding systems at […]
Attackers are exploiting Google Ads with fake Comet Browser download links to spread malware disguised as Perplexity’s official installer. The campaign, tracked by DataDome, has ties to DarkGate.
Microsoft revoked 200+ certificates used by Vanilla Tempest to sign fake Teams installers spreading Oyster backdoor and Rhysida ransomware. Microsoft revoked over 200 certificates used by the cybercrime group Vanilla Tempest (aka VICE SPIDER and Vice Society) to sign fake Teams installers spreading the Oyster backdoor and Rhysida ransomware. The threat actor has been active […]