TAMECAT is a sophisticated PowerShell-based backdoor linked to APT42, an Iranian state-sponsored hacking group. It steals login credentials from Microsoft Edge and Chrome browsers while evading detection. Security researchers from Israel’s Nation…
A sophisticated Android RAT campaign that exploits Hugging Face’s popular machine learning platform to host and distribute malicious payloads. Attackers combine social engineering, legitimate infrastructure abuse, and Accessibility Services explo…
A sophisticated traffic distribution system (TDS) hiding behind education-themed domains. The operation uses bulletproof hosting to deliver phishing pages, scams, and malware files. Analysts triaged a first-stage JavaScript loader from hxxps[:]//toxics…
A malicious VS Code extension in the Open VSX registry that masquerades as the popular Angular Language Service. Published two weeks ago, it amassed 5,066 downloads before activating sophisticated malware. The extension bundles legitimate Angular tooli…
Android users were lured to applications that served a malicious payload hosted in a Hugging Face repository.
The post Hugging Face Abused to Deploy Android RAT appeared first on SecurityWeek.
Google disrupted IPIDEA, a major residential proxy network that enrolled users’ devices via SDKs embedded in mobile and desktop apps. Google and partners disrupted the IPIDEA residential proxy network, used by many threat actors, via legal domain takedowns, intelligence sharing on malicious SDKs, and ecosystem-wide enforcement. Google Play Protect now removes and blocks apps with […]
The update infrastructure for eScan antivirus, a product of Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer endpoints. The supply chain compro…
Mac users searching for software on Google or other search engines should be extra careful.
Open source malware activity during 2025 concentrated on a single objective: executing code inside developer environments, according to Sonatype. The focus reflected a broader shift in supply chain attacks away from end users and toward the tools, mach…
ESET researchers have identified an Android spyware campaign that uses romance scam tactics to target individuals in Pakistan. The operation relies on a malicious app disguised as a chat service that routes conversations through WhatsApp. Behind the ro…