SentinelOne says the fake Zoom update scam delivers ‘NimDoor’, a rare Nim-compiled backdoor.
The post North Korean Hackers Use Fake Zoom Updates to Install macOS Malware appeared first on SecurityWeek.
The weaponization of Windows shortcut (LNK) files for malware distribution has increased by an astounding 50%, according to telemetry data, with dangerous samples rising from 21,098 in 2023 to 68,392 in 2024. These LNK files, typically used as virtual …
Gamaredon, a Russia-aligned advanced persistent threat (APT) group attributed by Ukraine’s Security Service (SSU) to the FSB’s 18th Center of Information Security, has exclusively targeted Ukrainian governmental institutions throughout 2024, abandoning…
A sophisticated campaign by North Korean (DPRK)-aligned threat actors targeting Web3 and cryptocurrency businesses has been uncovered, showcasing an alarming evolution in macOS malware tactics. According to detailed analysis by SentinelLABS, alongside …
U.S. Treasury sanctions Russia-based Aeza Group and affiliates for aiding cybercriminals via bulletproof hosting services. The U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Russia-based Aeza Group for aiding global cybercriminals via bulletproof hosting services. A bulletproof hosting service is a type of internet hosting provider that knowingly allows cybercriminals to host malicious content […]
OX Research conducted a ground-breaking study in May and June 2025 that revealed concerning security flaws in the extension verification procedures of some of the most popular Integrated Development Environments (IDEs), such as Visual Studio Code (VSCo…
A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution was a way to speed up CPUs, and removing those enhancements resulted in significant performance drops.
Now, people are rethinking the trade-off. Ubuntu has disabled some protections, resulting in 20% performance boost.
After discussion between Intel and Canonical’s security teams, we are in agreement that Spectre no longer needs to be mitigated for the GPU at the Compute Runtime level. At this point, Spectre has been mitigated in the kernel, and a clear warning from the Compute Runtime build serves as a notification for those running modified kernels without those patches. For these reasons, we feel that Spectre mitigations in Compute Runtime no longer offer enough security impact to justify the current performance tradeoff…
A recent in-depth investigation by Intrinsec has exposed a sprawling network of over 300 cracking websites, orchestrated by Pakistani freelancers, designed to distribute info-stealing malware. These sites, often masquerading as legitimate sources for c…
A sophisticated malware campaign targeting WordPress websites has recently been uncovered, showcasing an intricate and stealthy approach to delivering a Windows-based trojan. This attack, which operates beneath the surface of seemingly clean websites, …
A sophisticated phishing campaign has emerged, distributing the notorious Remcos Remote Access Trojan (RAT) through the DBatLoader malware. This attack chain, analyzed in ANY.RUN’s Interactive Sandbox, leverages a combination of User Account Control (U…