Cyber Attack
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
Socket's Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems.
Published under...
cyber security
HelloTDS Malware Spread via FakeCaptcha Infrastructure Infects Millions of Devices
In a Gen Threat Labs, a complex Traffic Direction System (TDS) dubbed "HelloTDS" has been uncovered, orchestrating the delivery of FakeCaptcha and other malicious...
Cyber Attack
ClickFix Attack Uses Fake Cloudflare Verification to Silently Deploy Malware
A newly identified social engineering attack dubbed "ClickFix" has emerged as a significant threat, leveraging meticulously crafted fake Cloudflare verification pages to trick users...
cyber security
ViperSoftX Malware Used by Threat Actors to Steal Sensitive Information
The AhnLab Security Intelligence Center (ASEC) has recently issued a detailed report confirming the persistent distribution of ViperSoftX malware by threat actors, with notable...
cyber security
U.S. Offers $10M Bounty for Information on RedLine Malware Creator
The US State Department has announced a reward of up to $10 million for information leading to the identification or location of Maxim Alexandrovich...
cyber security
New pathWiper Malware Targets Critical Infrastructure to Deploy Admin Tools
Cisco Talos has uncovered a sophisticated and destructive cyberattack targeting a critical infrastructure entity in Ukraine, deploying a previously unknown wiper malware dubbed "PathWiper."...
Android
BADBOX 2.0 Malware Hits Over a Million Android Devices in Global Cyber Threat
HUMAN’s Satori Threat Intelligence and Research team, in collaboration with Google, Trend Micro, and Shadowserver, has uncovered and partially disrupted a massive cyber fraud...
cyber security
ViperSoftX Malware Enhances Modularity, Stealth, and Persistence Techniques
The cybersecurity landscape witnessed the emergence of new PowerShell-based malware samples circulating in underground forums and threat-hunting communities, marking a significant evolution of the...
cyber security
WordPress Admins Cautioned About Fake Cache Plugin Stealing Admin Credentials
A newly identified malicious plugin, dubbed "wp-runtime-cache," has been discovered targeting WordPress sites with a sophisticated method to steal admin credentials.
Disguised as a...
cyber security
TA397 Hackers Exploits Scheduled Tasks to Deploy Malware on Targeted Systems
A recent in-depth analysis by Proofpoint Threat Research has shed light on the sophisticated operations of TA397, also known as Bitter, a suspected state-backed...
Android
Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards
Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions.
These safeguards, rolled out in May 2022, were...