Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet Predator Still Active, with New Client and Corporate Links Identified Threat Group Targets Companies in Taiwan Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion Anubis: A […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses […]
DuckDuckGo has rolled out an advanced update to its browser’s built-in Scam Blocker, a robust security feature designed to shield users from a wide array of online threats, including phishing sites, malware, and sophisticated scams. Now integrated into…
A new FS-ISAC and Akamai report warns that sophisticated DDoS attacks are severely impacting the global financial sector, leading to multi-day outages. Learn about these evolving threats and how institutions can strengthen defences.
Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s […]
China’s National Cybersecurity Notification Center has issued an urgent warning about critical vulnerabilities in ComfyUI, a widely used image-generation framework for large AI models. These flaws, already under active exploitation by hacker groups, ha…
A malicious campaign tracked as Mocha Manakin has been identified employing the deceptive “paste-and-run” technique to trick unsuspecting users into executing harmful scripts. First observed in August 2024 and actively monitored since Janua…
CyberArmor has uncovered a sophisticated phishing campaign exploiting Vercel, a widely used frontend hosting platform, to distribute a malicious variant of LogMeIn, a legitimate remote access tool. Over the past two months, threat actors have orchestra…
A recent threat hunting session has revealed a sophisticated PowerShell script, named y1.ps1, hosted in an open directory on a Chinese server (IP: 123.207.215.76). First detected on June 1, 2025, this script operates as a shellcode loader, employing ad…
Red Canary uncovers ‘Mocha Manakin,’ a new threat using paste and runs to deliver custom NodeInitRAT malware, potentially leading to ransomware. Learn to protect your systems.