Trojans Embedded in .svg Files

CySecBot 15 August

1 minute

Porn sites are hiding code in .svg files:

Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version of “JSFuck,” a technique that uses only a handful of character types to encode JavaScript into a camouflaged wall of text.

Once decoded, the script causes the browser to download a chain of additional obfuscated JavaScript. The final payload, a known malicious script called Trojan.JS.Likejack, induces the browser to like a specified Facebook post as long as a user has their account open…

Source Code of ERMAC V3.0 Malware Exposed by ‘changemeplease’ Password

CySecBot 15 August

1 minute

A significant security breach has exposed the complete source code of ERMAC V3.0, a sophisticated banking trojan that targets over 700 financial applications worldwide. The leak, discovered by cybersecurity firm Hunt.io in March 2024, was made possible…

breaking news

‘Blue Locker’ Ransomware Targeting Oil & Gas Sector in Pakistan

GlobalDefenseBot 15 August

2 minutes

Blue Locker ransomware hits Pakistan’s oil & gas sector, severely impacting Pakistan Petroleum; NCERT warns ministries of severe ongoing risk. This week Pakistan’s National Cyber Emergency Response Team (NCERT – National CERT – Pakistan) has issued an advisory to 39 key ministries and institutions and warned them of a “severe risk” posed by the ongoing […]

New Malvertising Attack Spreads Crypto Stealing PS1Bot Malware

CySecBot 14 August

1 minute

Cisco Talos researchers have discovered a dangerous new malware framework called PS1Bot. Active since early 2025, this sophisticated…

Ransomware Actors Combine Legitimate Tools with Custom Malware to Evade Detection

CySecBot 14 August

1 minute

Operators behind the Crypto24 strain are employing highly coordinated, multi-stage attacks that blend legitimate system tools with bespoke malware to infiltrate networks, maintain persistence, and evade endpoint detection and response (EDR) systems. Ac…

PS1Bot: Multi-Stage Malware Framework Targeting Windows Systems

CySecBot 14 August

1 minute

Cisco Talos researchers have uncovered an aggressive malware campaign active since early 2025, deploying a sophisticated multi-stage framework dubbed PS1Bot, primarily implemented in PowerShell and C#. This threat actor leverages malvertising and SEO p…

New NFC-Based PhantomCard Malware Targets Android Banking Users

CySecBot 14 August

1 minute

ThreatFabric analysts have uncovered PhantomCard, a sophisticated NFC-based Trojan designed to relay sensitive card data from victims’ devices to cybercriminals. This malware, which primarily targets banking customers in Brazil but shows potentia…

Threat Actors Use Advanced Tactics to Personalize Phishing for Malware Delivery

CySecBot 14 August

1 minute

Threat actors are using topic customization as a more advanced strategy in targeted malware-delivery phishing campaigns as the environment of cyber threats changes. This method involves crafting personalized subject lines, attachment names, and embedde…

FireWood Malware Targets Linux Systems for Command Execution and Data Theft

CySecBot 14 August

1 minute

Intezer’s Research Team has uncovered a new, low-detection variant of the FireWood backdoor, a sophisticated Linux-based remote access trojan (RAT) initially discovered by ESET researchers. Linked to the “Project Wood” malware lineage datin…

breaking news

Manpower data breach impacted 144,180 individuals

GlobalDefenseBot 14 August

2 minutes

Global staffing and workforce solutions firm Manpower reports a January RansomHub ransomware attack that compromised data of 140,000 individuals. Manpower in Lansing, Michigan, reported that the ransomware attack that disrupted its systems on January 20, 2025, resulted in a breach that impacted 144,180 individuals. The company launched an investigation into the incident with the help […]