New IronWorm malware hits 36 packages in npm supply-chain attack
A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. [.
Malware
20 articles
Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns
Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations adopting AI t...
Fake Ghidra, dnSpy & SpiderFoot Sites Used to Spread Malware
Hackers are abusing search results and professional-looking fake download portals to distribute malware by impersonating popular security tools like Ghidra, ...
Dutch police, NCSC take down major botnet
A collaboration between the Dutch National Police and the National Cyber Security Centre (NCSC), has seen a large botnet being shut down. In this operation, ...
Chinese hackers use new Atlas RAT malware in European cyberattacks
A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. [.
China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware
Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits themed malware ...
Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem
Research by: Alexey Bukhteyev Key Takeaways Introduction When we search Google for a popular piece of software, we usually click the first result, sometimes ...
Inside the Cross-Platform Propagation of a New Gafgyt Variant C0XMO
FortiGuard Labs analyzes C0XMO, a new Gafgyt variant leveraging DD-WRT exploitation and multi-architecture propagation to expand IoT botnet infections.
Autonomous AI-driven worm can reason its way through corporate networks
Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that ...
Argamal: Malware hidden in hentai games
Kaspersky researchers analyze new Argamal RAT distributed via infected hentai games and allowing the attacker to control the target machine.
Fake Purchase Orders Spread JS.MonoGlyphRAT in U.S. Enterprise Attacks
Hackers are using highly convincing fake purchase orders and sales documents to sneak a new JavaScript backdoor, JS.MonoGlyphRAT, into US enterprises, where ...
Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware
Fake ChatGPT desktop app ads pushed password-stealing malware by abusing trusted AI links, hiding from scanners, and tricking users into downloads.
Supply Chain Attack Hits 32 Red Hat NPM Packages
Hackers published 96 malicious package versions, injected with a credential-stealing worm similar to Mini Shai-Hulud. The post Supply Chain Attack Hits 32 Re...
Red Hat npm packages compromised in new Mini Shai-Hulud malware wave
Unknown attackers have compromised 30+ Red Hat Cloud Services npm packages with malware that goes after credentials stored in developers’ build environment. ...
Zero trust physical security needs trust decisions at the edge
In this interview with Help Net Security, Chuck Davis, VP, Global Information Security at Hikvision, explains how zero trust applies to physical security sys...
This AI model backdoor attack stays hidden until you customize the model
Most teams that deploy AI start with a backbone model. They download a large pre-trained system, adapt it to a specific task, and put it into production.
Red Hat npm packages compromised to steal developer credentials
More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the ...
Dutch Police Dismantle Massive 17-Million-Device Botnet
Dutch authorities seized command-and-control servers tied to a botnet of infected computers, smartphones, and tablets that was allegedly used to power a resi...
Dutch authorities disrupt massive botnet of 17 million devices
The operation, a collaboration between Dutch police and the National Cyber Security Centre (NCSC), targeted servers hosted by a local provider.
FSB Group Gamaredon Hides Worm in Windows Data Streams
FSB-linked Gamaredon concealed a fileless worm in NTFS data streams to spy on Ukraine targets