50+ Malicious Chrome Extensions Hit 30K Users
50+ malicious Chrome extensions posing as “live wallpaper” utilities have been caught running an adware operation that hijacks browser behavior and quietly p...
Campaigns
20 articles
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' system...
Hackers Spread WeedHack Malware via YouTube and SEO Poisoning
Hackers are increasingly abusing trusted platforms like YouTube and search engines to distribute malware, and a newly uncovered campaign targeting Minecraft ...
North Korean APT Targets macOS to Steal Crypto Wallets and SSH Keys
A newly uncovered macOS intrusion campaign attributed to the North Korean state-sponsored threat group Sapphire Sleet, also known as BlueNoroff or UNC1069, i...
Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign
A large-scale npm supply chain attack compromised over 90 versions of @redhat-cloud-services packages, silently infecting CI/CD environments and developer sy...
Over 116,000 Mincraft systems infected in WeedHack malware campaign
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [.
Over 116,000 Minecraft systems infected in WeedHack malware campaign
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [.
DriveSurge actor uses ClickFix and FakeUpdates to distribute malware via compromised websites
The DriveSurge threat actor operates as an initial access broker, utilizing a pay-per-install model to facilitate subsequent attacks, according to research b...
Stolen Gemini API Keys Fuel Automated Telegram Influence Campaign
A long-running Telegram influence and fraud campaign where a solo threat actor leveraged stolen Google Gemini API keys and jailbroken AI to automate content ...
The Zero-Knowledge Threat Actor and the End of Responsible Disclosure
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. Th...
Infected Red Hat npm packages expose developer credentials
Developers who pulled packages from Red Hat’s @redhat-cloud-services npm namespace over the weekend got a secret-stealing worm instead. Security researchers ...
Foreign Spyware Found on Phones of Top Russian Officials
Russian authorities have disclosed a suspected large-scale cyber espionage operation targeting the mobile devices of senior government officials, raising fre...
Threat Actor Uses AI to Build EDR Evasion Tools
A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework.
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan'...
34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials
Hackers are actively abusing open-source ecosystems to steal sensitive developer data through a large-scale supply chain attack dubbed “TrapDoor,”. The campa...
Red Hat Cloud Services npm Packages Hijacked in Credential-Theft Malware Campaign
A large-scale software supply chain attack has compromised multiple official npm packages under the @redhat-cloud-services scope, exposing thousands of devel...
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-...
Malware hides in Steam comments to infect WordPress sites
The malware campaign, discovered in July 2025, has affected approximately 1,980 WordPress sites.
Russian hacker used AI to run fraud scheme on MAGA Telegram channel
The threat actor created the public Telegram channel, @americanpatriotus, shortly after the Capitol riot in 2021.