Backdoor Found in Official XRP Ledger NPM Package
XRP Ledger SDK hit by supply chain attack: Malicious NPM versions stole private keys; users urged to update…
Crooks exploit the death of Pope Francis
Crooks exploit the death of Pope Francis, using public curiosity and emotion to launch scams and spread malware, an old tactic during global events. On April 24, 2025, after Pope Francis’ death, cybercriminals launched scams and malware attacks, exploiting public curiosity, grief, and confusion. Cybercriminals are ready to exploit any event of global interest, it […]
Elusive Comet Attack: Hackers Use Zoom Remote-Control to Steal Crypto
Hackers in the Elusive Comet campaign exploit Zoom’s remote-control feature to steal cryptocurrency, and over $100K lost in…
Android spyware hidden in mapping software targets Russian soldiers
A new Android spyware was discovered in a fake Alpine Quest app, reportedly used by Russian soldiers for war zone planning. Doctor Web researchers uncovered a new spyware, tracked as Android.Spy.1292.origin, targeting Russian military personnel. The malicious code was hidden in a trojanized Alpine Quest app and spread via Russian Android catalogs. The malware steals […]
Crypto mining campaign targets Docker environments with new evasion technique
New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. The malware campaign targets Docker environments to deploy a malicious node connected to Teneo, a decentralized infrastructure network. […]
New Malware Hijacks Docker Images Using Unique Obfuscation Technique
A recently uncovered malware campaign targeting Docker, one of the most frequently attacked services according to Darktrace’s honeypot data, has revealed a startling level of sophistication in obfuscation and cryptojacking methods. This novel att…
The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack
The xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users’ private keys. Threat actors compromised the Ripple cryptocurrency npm JavaScript library xrpl.js to harvest users’ private keys. xrpl.js is the recommended library for integrating a JavaScript/TypeScript app with the XRP, it has more than 140.000 weekly downloads. Hundreds of thousands of […]
Hackers Deploy New Malware Disguised as Networking Software Updates
A sophisticated backdoor has been uncovered targeting major organizations across Russia, including government bodies, financial institutions, and industrial sectors. This malware, distributed under the guise of legitimate updates for ViPNet a widely us…
Fake Alpine Quest Mapping App Spotted Spying on Russian Military
Fake Alpine Quest app laced with spyware was used to target Russian military Android devices, stealing location data,…
Millions of SK Telecom customers are potentially at risk following USIM data compromise
SK Telecom warned that threat actors accessed customer Universal Subscriber Identity Module (USIM) info through a malware attack. SK Telecom is South Korea’s largest wireless telecom company, a major player in the country’s mobile and tech landscape. It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its […]