A sophisticated social engineering campaign has surfaced on TikTok, leveraging the platform’s massive user base and algorithmic reach to distribute information-stealing malware, specifically Vidar and StealC. Identified by Trend Research, this at…
A comprehensive follow-up analysis to the FortiGuard Incident Response Team’s (FGIR) investigation titled “Intrusion into Middle East Critical National Infrastructure” has revealed a protracted cyberattack that targeted critical natio…
Forcepoint’s X-Labs reveals Remcos malware using new tricky phishing emails from compromised accounts and advanced evasion techniques like…
A OneClik campaign, likely carried out by China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors. Trellix cybersecurity researchers uncovered a new APT malware campaign, OneClik, targeting the energy, oil, and gas sectors. It abuses Microsoft’s ClickOnce deployment tech and custom Golang backdoors. While links to China-affiliated actors are suspected, attribution remains cautious. […]
China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit.
The post Chinese Hackers Target Chinese Users With RAT, Rootkit appeared first on SecurityWeek.
IBM X-Force researchers have uncovered a series of targeted cyberattacks orchestrated by the China-aligned threat actor Hive0154. Throughout 2025, this group has been deploying the Pubload malware, a potent backdoor, through meticulously crafted phishi…
Researchers have uncovered a new malware sample in the wild that employs a unique and unconventional evasion tactic: prompt injection aimed at manipulating AI models used in malware analysis. Dubbed “Skynet” by its creator, this malware, di…
Hackers spread a trojanized version of SonicWall VPN app to steal login credentials from users accessing corporate networks. Unknown threat actors are distributing a trojanized version of SonicWall NetExtender SSL VPN app to steal user credentials. The legitimate NetExtender app lets remote users securely access and use company network resources as if they were on-site. […]
G Data has observed a surge in malware infections originating from ConnectWise applications with modified certificate tables.
The post Hackers Abuse ConnectWise to Hide Malware appeared first on SecurityWeek.
SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code.
The post SonicWall Warns of Trojanized NetExtender Stealing User Information appeared first on SecurityWeek.