Cloud Atlas activity in the first half of 2025: what changed
Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.
Italian Ferry Malware Attack Sparks International Probe
French intelligence agencies uncovered what appears to be a coordinated foreign interference operation targeting the GNV Fantastic.
The post Italian Ferry Malware Attack Sparks International Probe appeared first on TechRepublic.
Lazarus Group Embed New BeaverTail Variant in Developer Tools
North Korea’s Lazarus Group deploys a new BeaverTail variant to steal credentials and crypto using fake job lures, dev tools, and smart contracts.
France Probes ‘Foreign Interference’ After Remote Control Malware Found on Passenger Ferry
France’s counterespionage agency is investigating a suspected cyberattack plot targeting an international passenger ferry
The post France Probes ‘Foreign Interference’ After Remote Control Malware Found on Passenger Ferry appeared first on …
Group Policy abuse reveals China-aligned espionage group targeting governments
ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, tracked as LongNosedGoblin, has targeted government inst…
14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data
ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data.
New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware
Researchers at Point Wild have discovered a new ClickFix attack campaign that tricks users into manually installing DarkGate malware via fake browser extension alerts. Learn how this attack bypasses security by using the Windows Run box and how you can…
Askul data breach exposed over 700,000 records after ransomware attack
Askul disclosed that an October RansomHouse ransomware attack compromised over 700,000 records at the Japanese e-commerce and logistics firm. Askul is a Japanese e-commerce and logistics company best known for supplying office products, stationery, IT equipment, and everyday business consumables to companies and consumers. It operates large-scale fulfillment and delivery services across Japan and is […]
GhostPoster Firefox Extensions Hide Malware in Icons
The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA.
The post GhostPoster Firefox Extensions Hide Malware in Icons appeared first on SecurityWeek.
Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports
Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices.