Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari
PALO ALTO, California, 29th May 2025, CyberNewsWire
New Malware Spotted Corrupts Its Own Headers to Block Analysis
Fortinet spots new malware that corrupts its own headers to block forensic analysis, hide behavior, and communicate with its C2 server.
China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware
Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a hacked site. Google warns that China-linked APT41 used TOUGHPROGRESS malware with Google Calendar as C2, targeting various government entities via a compromised website. ” In late October 2024, GTIG discovered an exploited government website hosting malware being used to target multiple […]
New Spear-Phishing Campaign Targets Financial Executives with NetBird Malware
Trellix’s email security systems detected a highly targeted spear-phishing campaign aimed at CFOs and finance executives across industries like banking, energy, insurance, and investment firms in regions spanning Europe, Africa, Canada, the Middl…
APT Hackers Turn Google Calendar Into Command Hub Using TOUGHPROGRESS Malware, Google Alerts
Google Threat Intelligence Group (GTIG), a sophisticated malware campaign dubbed “TOUGHPROGRESS” has been uncovered, orchestrated by the notorious PRC-based threat actor APT41, also known as HOODOO. Identified in late October 2024, this cam…
New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.
GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor. GreyNoise discovered the AyySSHush botnet has hacked over 9,000 ASUS routers, adding a persistent SSH backdoor. “Using an AI powered network traffic analysis tool we built called SIFT, GreyNoise has caught multiple anomalous network payloads with zero-effort that […]
Zanubis Android Malware Harvests Banking Credentials and Executes Remote Commands
The Zanubis Android banking Trojan has evolved into a highly sophisticated threat, initially targeting financial institutions in Peru before expanding its scope to virtual cards and cryptocurrency wallets. This malware, known for impersonating legitima…
Fake AI Video Tool Ads on Facebook, LinkedIn Spread Infostealers
Mandiant Threat Defense uncovers a campaign where Vietnam-based group UNC6032 tricks users with malicious social media ads for…
Malware Hidden in AI Models on PyPI Targets Alibaba AI Labs Users
ReversingLabs discovers new malware hidden inside AI/ML models on PyPI, targeting Alibaba AI Labs users. Learn how attackers…
New PumaBot targets Linux IoT surveillance devices
PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine crypto. Darktrace researchers discovered a new botnet called PumaBot targets Linux-based IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine cryptocurrency. PumaBot skips broad internet scans and instead pulls a list of targets from its […]