SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via...
Malicious npm and PyPI target Solana Private keys to steal funds from...
Researchers found malicious npm and PyPI packages capable of stealing and deleting sensitive data from infected systems. Socket researchers have identified multiple packages in the npm and Python...
Experts found new DoNot Team APT group’s Android malware
Researchers linked the threat actor DoNot Team to a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the...
New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei...
Researchers warn of a campaign exploiting AVTECH IP cameras and Huawei HG532 routers to create a Mirai botnet variant called Murdoc Botnet. Murdoc Botnet is a new Mirai botnet variant that targets...
Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to...
Two ransomware groups are exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as...
J-magic malware campaign targets Juniper routers
Threat actors are targeting Juniper routers with a custom backdoor in a campaign code-named “J-magic.” Attackers are exploiting a Magic Packet flaw. Lumen Technologies researchers reported that...
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 30
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Gmail For Exfiltration: Malicious npm Packages Target Solana...
ESXi ransomware attacks use SSH tunnels to avoid detection
Threat actors behind ESXi ransomware attacks target virtualized environments using SSH tunneling to avoid detection. Researchers at cybersecurity firm Sygnia warn that threat actors behind ESXi...
GamaCopy targets Russia mimicking Russia-linked Gamaredon APT
New threat actor GamaCopy mimics Russia-linked Gamaredon APT in attacks on Russian-speaking targets. The Knownsec 404 Advanced Threat Intelligence team recently analyzed attacks on Russian-speaking...
Apple fixed the first actively exploited zero-day of 2025
Apple addressed the first zero-day vulnerability of 2025, which is actively exploited in attacks in the wild aimed at iPhone users. Apple released security updates to address 2025’s first zero-day...
Ransomware attack on ENGlobal compromised personal information
ENGlobal reported to the SEC that personal information was compromised in a ransomware attack that took place in November 2024. ENGlobal disclosed a ransomware attack that occurred in November, in a...
Aquabot variant v3 targets Mitel SIP phones
A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Akamai researchers spotted a new variant of the Mirai-based botnet Aquabot that...
A ransomware attack forced New York Blood Center to reschedule appointments
The New York Blood Center faced a ransomware attack on Sunday, forcing the healthcare organization to reschedule appointments. The New York Blood Center suffered a ransomware attack on Sunday, causing...
Ransomware attack hit Indian multinational Tata Technologies
Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies, a Tata Motors subsidiary, suspended some IT...
WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware
Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that it discovered and dismantled a malware campaign via WhatsApp that...
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 31
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. ESXi Ransomware Attacks: Stealthy Persistence through SSH...
Crazy Evil gang runs over 10 highly specialized social media scams
The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major...
Web Skimmer found on at least 17 websites, including Casio UK
A threat actor has installed a web skimmer on all pages of Casio UK’s website, except the checkout page. Jscrambler researchers uncovered a web skimmer...
Coyote Banking Trojan targets Brazilian users, stealing data from 70+...
Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell...
SparkCat campaign targets crypto wallets using OCR to steal recovery phrases
In late 2024, Kaspersky experts discovered a malicious campaign, called SparkCat, spreading malware to target crypto wallets. In March 2023, ESET found malware in modified versions of messengers using...