Experts warn of the new sophisticated Crocodilus mobile banking Trojan
The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android...
Sam’s Club Investigates Alleged Cl0p Ransomware Breach
The Walmart-owned membership warehouse club chain Sam’s Club is investigating claims of a Cl0p ransomware security breach. Sam’s Club is a membership warehouse club chain in the United States, owned...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 39
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Microsoft Trusted Signing service abused to code-sign malware...
CISA warns of RESURGE malware exploiting Ivanti flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. The U.S. Cybersecurity and...
CoffeeLoader uses a GPU-based packer to evade detection
CoffeeLoader is a sophisticated malware that uses numerous techniques to bypass security solutions, Zscaler ThreatLabz warns. Zscaler ThreatLabz discovered CoffeeLoader, a malware family active since...
Russia-linked Gamaredon targets Ukraine with Remcos RAT
Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group...
Hiding WordPress malware in the mu-plugins directory to avoid detection
Sucuri researchers spotted threat actors deploying WordPress malware in the mu-plugins directory to evade security checks. In February, Sucuri warned of threat actors exploiting WordPress mu-plugins,...
New advanced FIN7’s Anubis backdoor allows to gain full system control on...
FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. The threat actor FIN7, also known as Savage Ladybug, has developed...
New Triada Trojan comes preinstalled on Android devices
A new Triada trojan variant comes preinstalled on Android devices, stealing data on setup, warn researchers from Kaspersky. Kaspersky researchers discovered a new Triada trojan variant preinstalled on...
CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with...
CERT-UA reported three cyberattacks targeting Ukraine’s state agencies and critical infrastructure to steal sensitive data. The Computer Emergency Response Team of Ukraine (CERT-UA) reported three...
Port of Seattle’s August data breach impacted 90,000 people
Port of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024. In August 2024, a cyber attack hit the Port of Seattle, which also...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 40
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. CISA Releases Malware Analysis Report on RESURGE Malware...
Everest ransomware group’s Tor leak site offline after a defacement
The Tor leak site of the Everest ransomware group went offline after being hacked and defaced over the weekend. The Everest ransomware gang’s darknet site went offline after being hacked and defaced,...
AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites
AkiraBot, a CAPTCHA-evading Python framework, has spammed over 80,000 websites with AI-generated messages, targeting small and medium-sized businesses. SentinelOne’s SentinelLabs researchers warn that...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 41
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Lazarus Expands Malicious npm Campaign: 11 New Packages Add...
South African telecom provider Cell C disclosed a data breach following a...
Cell C, one of the biggest telecom providers in South Africa, confirms a data breach following a 2024 cyberattack. Cell C is the fourth-largest mobile network operator in South Africa, after Vodacom,...
Malicious NPM packages target PayPal users
Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. Fortinet researchers discovered multiple malicious NPM packages that are used to target...
New malware ‘ResolverRAT’ targets healthcare, pharmaceutical firms
New malware ‘ResolverRAT’ is targeting healthcare and pharmaceutical firms, using advanced capabilities to steal sensitive data. Morphisec researchers discovered a new malware dubbed ‘ResolverRAT’...
Government contractor Conduent disclosed a data breach
The business services provider Conduent told the SEC a January cyberattack exposed personal data, including names and Social Security numbers. The business services provider Conduent revealed that...
Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps
Cheap Chinese Android phones ship with trojanized WhatsApp and Telegram clones hiding crypto clippers, active since June 2024. Since June 2024, Doctor Web researchers found cheap Android phones...