Saturday, May 24, 2025

Malware

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application for managing crypto assets via Ledger cold wallets. Since August 2024, Moonlock Lab has been...

GenAI Assistant DIANNA Uncovers New Obfuscated Malware

Deep Instinct’s GenAI-powered assistant, DIANNA, has identified a sophisticated new malware strain dubbed BypassERWDirectSyscallShellcodeLoader. This malware, reportedly crafted with the assistance of large language models...

New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data

A disturbing new formjacking malware has emerged, specifically targeting WooCommerce-based e-commerce sites to steal sensitive credit card information, as recently uncovered by the Wordfence...

Researchers Uncover Infrastructure and TTPs Behind ALCATRAZ Malware

Elastic Security Labs has recently exposed a sophisticated new malware family dubbed DOUBLELOADER, observed in conjunction with the RHADAMANTHYS infostealer. This discovery sheds light...

Winos 4.0 Malware Masquerades as VPN and QQBrowser to Target Users

A sophisticated malware campaign deploying Winos 4.0, a memory-resident stager, has been uncovered by Rapid7, targeting users through fake installers of popular software like...

Operation Endgame Crushes DanaBot Malware, Shuts Down 150 C2 Servers and Halts 1,000 Daily Attacks

Operation Endgame II has delivered a devastating strike against DanaBot, a notorious malware that has plagued systems since its emergence in 2018. Initially designed as...

Cityworks Zero-Day Vulnerability Used by UAT-638 Hackers to Infect IIS Servers with Shell Malware

Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in Cityworks, a widely used asset management system. This critical flaw...

Vidar and StealC Malware Delivered Through Viral TikTok Videos by Hackers

A sophisticated social engineering campaign that leverages the viral power of TikTok to distribute dangerous information-stealing malware, specifically Vidar and StealC. This alarming trend marks...

Malicious VS Code Extensions Target Windows Solidity Developers to Steal Login Credentials

Datadog Security Research has uncovered a targeted malware campaign aimed at Solidity developers on Windows systems, using malicious Visual Studio Code (VS Code) extensions...

Lumma Stealer Infrastructure Behind Global Attacks on Millions of Users Dismantled

The U.S. Justice Department, in collaboration with the FBI and private sector partners like Microsoft, has announced the disruption of the Lumma Stealer (also...

Hackers Exploit PyBitmessage Library to Evade Antivirus and Network Security Detection

The AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of backdoor malware being distributed alongside a Monero coin miner. This malware leverages the...