Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” continues the alert.

Malware 115

Malware Scams Identity Theft Antivirus 115

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of the FakeCall malware for Android that hijacks outgoing victims’ calls and redirects them to the attacker’s phone number.

Banking 130

Banking Malware Accountability Phishing 130

Security Affairs

APRIL 21, 2025

Cleafy researchers discovered a new malware-as-a-service (MaaS) called SuperCard X targeting Android devices with NFC relay attacks for fraudulent cash-outs. Analysis of the SuperCard X campaign in Italy revealed custom malware builds tailored for regional use.

Malware 105

Malware Social Engineering Banking Engineering 105

Security Affairs

APRIL 21, 2025

Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. The phishing emails either led to malware delivery via GRAPELOADER or redirected to the Ministry’s real website to appear legitimate. The malware is highly targeted and leaves no traces of the next-stage payload.

Malware 103

Malware Phishing Encryption Hacking 103

Security Affairs

OCTOBER 20, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 122

Malware Ransomware Encryption Phishing 122

Security Affairs

APRIL 2, 2025

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. The threat actor FIN7 , also known as Savage Ladybug, has developed a new Python-based malware, named Anubis Backdoor, which allows attackers to gain full remote control over infected Windows systems.

Antivirus 126

Antivirus Cybercrime Malware Encryption 126

Security Affairs

APRIL 1, 2025

Sucuri researchers spotted threat actors deploying WordPress malware in the mu-plugins directory to evade security checks. The experts detailed two cases of malware hiding in the mu-plugins directory, which use different methods to compromise WordPress sites. The second malware is a Remote Code Execution Webshell.

Malware 87

Malware Firewall Hacking Cybercrime 87

Security Affairs

FEBRUARY 24, 2025

CYFIRMA researchers discovered that the SpyLend Android malware was downloaded 100,000 times from the official app store Google Play. CYFIRMA researchers discovered an Android malware, named SpyLend, which was distributed through Google Play as Finance Simplified.

Malware 117

Malware Marketing Hacking Mobile 117

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 119

Malware Advertising Antivirus Cybercrime 119

Security Affairs

MARCH 28, 2025

“Preliminary findings indicate that the suspects developed malware called Mamont, which they distributed via Telegram channels under the guise of safe mobile applications and video files. ” The authorities linked the three suspects to over 300 cybercrimes, the police seized servers, computers, storage devices, and bank cards. .”

Banking 113

Banking Computers and Electronics Mobile Malware 113

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software.

Identity Theft 124

Identity Theft Malware Passwords Banking 124

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 76

Malware Cryptocurrency Engineering Encryption 76

Security Affairs

FEBRUARY 13, 2025

Valve removed a game from Steam because it contained malware, the company also warned affected users to reformat their operating systems. The Steam account of the developer for this game uploaded builds to Steam that contained suspected malware. ” A game called PirateFi released on Steam last week and it contained malware.

Malware 108

Malware Antivirus Accountability Software 108

Security Affairs

APRIL 6, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor Advancements in delivery: Scripting with (..)

Malware 74

Malware Cryptocurrency Hacking Accountability 74

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 237

Malware VPN Internet Internet 237

Security Affairs

JANUARY 30, 2025

An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP. An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several major cybercrime sites, including Cracked, Nulled, Sellix, and StarkRDP. and Nulled.to.”

Cybercrime 60

Cybercrime Hacking Cryptocurrency Phishing 60

Security Affairs

MARCH 26, 2025

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. The malware maintains persistence via a.plist file.

Malware 70

Malware Adware Antivirus Marketing 70

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches 116

Data breaches Cybercrime Cyber Insurance Marketing 116

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 71

Malware Spyware Government Mobile 71

Security Affairs

MARCH 25, 2025

Researchers warn of a new Android malware that uses.NET MAUI to mimic legit services and evade detection. McAfee researchers warn of Android malware campaigns using.NET MAUI to evade detection. Another malware observed by the experts targets Chinese-speaking users, stealing contacts, SMS, and photos through third-party app stores.

Malware 72

Malware Encryption Banking Cyber threats 72

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 349

Cybercrime Malware VPN Ransomware 349

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware 143

Malware Cryptocurrency Encryption Passwords 143

Security Affairs

MAY 27, 2024

Experts warn of a new ATM malware family that is advertised in the cybercrime underground, it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to be able of compromised 99% of devices in Europe. “The malware is fully automated, simplifying its deployment and operation.”

Malware 145

Malware Banking Advertising Cybercrime 145

Security Affairs

MARCH 30, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Microsoft Trusted Signing service abused to code-sign malware Shedding light on the ABYSSWORKER driver VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware New Android Malware Campaigns Evading (..)

Malware 63

Malware Ransomware Threat Detection Mobile 63

Security Affairs

FEBRUARY 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 72

Malware Spyware Ransomware Hacking 72

Security Affairs

FEBRUARY 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 69

Malware Scams Banking Ransomware 69

Krebs on Security

JANUARY 24, 2023

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime 274

Cybercrime Advertising IoT Malware 274

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 115

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 115

Security Affairs

OCTOBER 25, 2024

“Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Data breaches 127

Data breaches Healthcare Cybercrime Insurance 127

Security Affairs

APRIL 7, 2025

Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. In 2024, he shifted to cybercrime, starting with low-level roles in vishing and ransomware, later moving into malware and vulnerability research that drew wide attention. ” concludes the post.

Cybercrime 70

Cybercrime Malware Hacking VPN 70

Security Affairs

MARCH 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 65

Malware DDOS Hacking Ransomware 65

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. ” reads the report published by Insikt Group.

Scams 81

Scams Media Cryptocurrency Cybercrime 81

Security Affairs

FEBRUARY 16, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 65

Malware Data breaches Mobile Encryption 65

Security Affairs

AUGUST 28, 2024

million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. million reward for information leading to the arrest of Volodymyr Kadariya (38), a Belarusian national allegedly involved in a significant malware organization. “The U.S.

Malware 129

Malware Computers and Electronics Cybercrime Internet 129

Security Affairs

APRIL 2, 2025

The malware was discovered on counterfeit Android devices mimicking popular smartphone models. “The malware has broad functionality and gives attackers almost unlimited control over the gadget” The malware, embedded in the system framework, provides attackers full control over the device. 231 banking malware.

Malware 120

Malware Cryptocurrency Mobile Firmware 120

Security Affairs

JANUARY 12, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 58

Malware Scams Phishing Encryption 58

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 108

Cryptocurrency Hacking Phishing Cyber Attacks 108