What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2025-02-21 13:45:23 | Spylend Android Malware a téléchargé 100 000 fois à partir de Google Play SpyLend Android malware downloaded 100,000 times from Google Play (lien direct) |
Une application Android Malware appelée Spylend a été téléchargée plus de 100 000 fois à partir de Google Play, où elle s'est masquée comme un outil financier mais est devenue une application de prêt prédatrice pour ceux en Inde. [...]
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. [...] |
Malware Tool Mobile | ★★ | |
|
2025-02-20 11:11:59 | Chinese hackers use custom malware to spy on US telecom networks (lien direct) | The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. [...]
The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. [...] |
Malware | ★★★ | |
|
2025-02-19 12:42:39 | New FrigidStealer infostealer infects Macs via fake browser updates (lien direct) | The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. [...]
The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. [...] |
Malware | ★★ | |
|
2025-02-18 16:25:24 | Cracked Garry\\'s Mod, BeamNG.drive games infect gamers with miners (lien direct) | A large-scale malware campaign dubbed "StaryDobry" has been targeting gamers worldwide with trojanized versions of cracked games such as Garry\'s Mod, BeamNG.drive, and Dyson Sphere Program. [...]
A large-scale malware campaign dubbed "StaryDobry" has been targeting gamers worldwide with trojanized versions of cracked games such as Garry\'s Mod, BeamNG.drive, and Dyson Sphere Program. [...] |
Malware | ★★ | |
|
2025-02-17 11:04:51 | Microsoft spots XCSSET macOS malware variant used for crypto theft (lien direct) | A new variant of the XCSSET macOS modular malware has emerged in attacks that target users\' sensitive information, including digital wallets and data from the legitimate Notes app. [...]
A new variant of the XCSSET macOS modular malware has emerged in attacks that target users\' sensitive information, including digital wallets and data from the legitimate Notes app. [...] |
Malware | ★★ | |
|
2025-02-16 10:15:30 | New FinalDraft malware abuses Outlook mail service for stealthy comms (lien direct) | A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. [...]
A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. [...] |
Malware | ★★ | |
|
2025-02-14 12:32:32 | PirateFi game on Steam caught installing password-stealing malware (lien direct) | A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...]
A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...] |
Malware | ★★★ | |
|
2025-02-06 15:59:41 | Microsoft says attackers use exposed ASP.NET keys to deploy malware (lien direct) | Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. [...]
Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. [...] |
Malware | ★★★ | |
|
2025-02-06 12:50:54 | Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (lien direct) | Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...]
Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...] |
Ransomware Malware Threat | ★★ | |
|
2025-02-05 18:16:04 | New Microsoft script updates Windows media with bootkit malware fixes (lien direct) | Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...]
Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...] |
Malware | ★★★ | |
|
2025-02-04 12:39:40 | Chinese cyberspies use new SSH backdoor in network device hacks (lien direct) | A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. [...]
A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. [...] |
Malware | ★★★ | |
|
2025-02-03 11:33:23 | DeepSeek AI tools impersonated by infostealer malware on PyPI (lien direct) | Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. [...]
Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. [...] |
Malware Tool Threat | ★★★ | |
|
2025-01-30 07:00:00 | Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics (lien direct) | A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI\'s safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...]
A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI\'s safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...] |
Malware | ChatGPT | ★★★ |
|
2025-01-29 19:55:06 | New Aquabotv3 botnet malware targets Mitel command injection flaw (lien direct) | A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...] |
Malware Vulnerability | ★★★ | |
|
2025-01-29 19:33:11 | Solana Pump.fun tool DogWifTool compromised to drain wallets (lien direct) | DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...]
DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...] |
Malware Tool | ★★ | |
|
2025-01-24 11:34:40 | Hacker infects 18,000 "script kiddies" with fake malware builder (lien direct) | A threat actor targeted low-skilled hackers, known as "script kiddies," with a fake malware builder that secretly infected them with a backdoor to steal data and take over computers. [...]
A threat actor targeted low-skilled hackers, known as "script kiddies," with a fake malware builder that secretly infected them with a backdoor to steal data and take over computers. [...] |
Malware Threat | ★★★ | |
|
2025-01-23 14:05:34 | Hundreds of fake Reddit sites push Lumma Stealer malware (lien direct) | Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading the Lumma Stealer malware. [...]
Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading the Lumma Stealer malware. [...] |
Malware | ★★★ | |
|
2025-01-23 10:26:36 | Stealthy \\'Magic Packet\\' malware targets Juniper VPN gateways (lien direct) | A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a "magic packet" in the network traffic. [...]
A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a "magic packet" in the network traffic. [...] |
Malware | ★★★ | |
|
2025-01-22 15:35:44 | Telegram captcha tricks you into running malicious PowerShell scripts (lien direct) | Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware. [...]
Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware. [...] |
Malware Threat | ★★★ | |
|
2025-01-22 10:11:48 | IPany VPN breached in supply-chain attack to push custom malware (lien direct) | South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company\'s VPN installer to deploy the custom \'SlowStepper\' malware. [...]
South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company\'s VPN installer to deploy the custom \'SlowStepper\' malware. [...] |
Malware | ★★★ | |
|
2025-01-21 14:58:20 | Fake Homebrew Google ads target Mac users with malware (lien direct) | Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. [...]
Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. [...] |
Malware | ★★★ | |
|
2025-01-21 10:59:29 | Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (lien direct) | Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network. [...]
Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network. [...] |
Ransomware Malware | ★★★ | |
|
2025-01-15 15:04:45 | MikroTik botnet uses misconfigured SPF DNS records to spread malware (lien direct) | A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. [...]
A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. [...] |
Malware | ★★★ | |
|
2025-01-14 15:54:28 | WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (lien direct) | A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. [...]
A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. [...] |
Malware | ★★★ | |
|
2025-01-14 11:26:26 | FBI deletes Chinese PlugX malware from thousands of US computers (lien direct) | The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. [...]
The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. [...] |
Malware | ★★★ | |
|
2025-01-11 10:21:31 | Fake LDAPNightmware exploit on GitHub spreads infostealer malware (lien direct) | A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. [...]
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. [...] |
Malware Threat | ★★★ | |
|
2025-01-10 11:37:59 | Docker Desktop blocked on Macs due to false malware alert (lien direct) | Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. [...]
Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. [...] |
Malware | ★★★ | |
|
2025-01-09 11:11:20 | Google: Chinese hackers likely behind Ivanti VPN zero-day attacks (lien direct) | Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called \'Dryhook\' and \'Phasejam\' that is not currently associated with any threat group. [...]
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called \'Dryhook\' and \'Phasejam\' that is not currently associated with any threat group. [...] |
Malware Vulnerability Threat | ★★★ | |
|
2025-01-08 15:43:34 | Ivanti warns of new Connect Secure flaw used in zero-day attacks (lien direct) | Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. [...]
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. [...] |
Malware Vulnerability Threat | ★★★ | |
|
2025-01-06 09:54:56 | Eagerbee backdoor deployed against Middle Eastern govt orgs, ISPs (lien direct) | New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. [...]
New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. [...] |
Malware | ★★★ | |
|
2025-01-04 10:16:26 | New FireScam Android data-theft malware poses as Telegram Premium app (lien direct) | A new Android malware named \'FireScam\' is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia\'s app market for mobile devices. [...]
A new Android malware named \'FireScam\' is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia\'s app market for mobile devices. [...] |
Malware Mobile | ★★★ | |
|
2024-12-31 10:13:12 | Over 3.1 million fake "stars" on GitHub projects used to boost rankings (lien direct) | GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories to appear more popular, helping them reach more unsuspecting users. [...]
GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories to appear more popular, helping them reach more unsuspecting users. [...] |
Malware | ★★ | |
|
2024-12-29 10:09:28 | Malware botnets exploit outdated D-Link routers in recent attacks (lien direct) | Two botnets tracked as \'Ficora\' and \'Capsaicin\' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. [...]
Two botnets tracked as \'Ficora\' and \'Capsaicin\' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. [...] |
Malware Threat | ★★ | |
|
2024-12-26 11:53:10 | New \\'OtterCookie\\' malware used to backdoor devs in fake job offers (lien direct) | North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers. [...]
North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers. [...] |
Malware Threat | ★★★ | |
|
2024-12-24 15:04:03 | New botnet exploits vulnerabilities in NVRs, TP-Link routers (lien direct) | A new Mirai-based malware campaign is actively exploiting unpatched vulnerabilities in Internet of Things (IoT) devices, including DigiEver DS-2105 Pro DVRs. [...]
A new Mirai-based malware campaign is actively exploiting unpatched vulnerabilities in Internet of Things (IoT) devices, including DigiEver DS-2105 Pro DVRs. [...] |
Malware Vulnerability | ★★ | |
|
2024-12-20 11:48:25 | US charges Russian-Israeli as suspected LockBit ransomware coder (lien direct) | The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. [...]
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. [...] |
Ransomware Malware | ★★★ | |
|
2024-12-19 17:01:58 | BadBox malware botnet infects 192,000 Android devices despite disruption (lien direct) | The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. [...]
The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. [...] |
Malware Mobile | ★★ | |
|
2024-12-19 13:59:26 | Android malware found on Amazon Appstore disguised as health app (lien direct) | A malicious Android spyware application named \'BMI CalculationVsn\' was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. [...]
A malicious Android spyware application named \'BMI CalculationVsn\' was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. [...] |
Malware Tool Mobile | ★★ | |
|
2024-12-19 13:27:00 | Juniper warns of Mirai botnet scanning for Session Smart routers (lien direct) | Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. [...]
Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. [...] |
Malware | ★★★ | |
|
2024-12-18 16:58:26 | Raccoon Stealer malware operator gets 5 years in prison after guilty plea (lien direct) | Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. [...]
Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. [...] |
Malware Legislation | ★★ | |
|
2024-12-17 17:29:44 | \\'Bitter\\' cyberspies target defense orgs with new MiyaRAT malware (lien direct) | A cyberespionage threat group known as \'Bitter\' was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. [...]
A cyberespionage threat group known as \'Bitter\' was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. [...] |
Malware Threat | ★★★ | |
|
2024-12-16 17:22:35 | FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (lien direct) | The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. [...]
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. [...] |
Malware | ★★ | |
|
2024-12-16 14:32:07 | Malicious ads push Lumma infostealer via fake CAPTCHA pages (lien direct) | A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. [...]
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. [...] |
Malware | ★★★ | |
|
2024-12-13 10:22:05 | Germany blocks BadBox malware loaded on 30,000 Android devices (lien direct) | Germany\'s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. [...]
Germany\'s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. [...] |
Malware Mobile | ★★ | |
|
2024-12-12 17:35:24 | New stealthy Pumakit Linux rootkit malware spotted in the wild (lien direct) | A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. [...]
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. [...] |
Malware | ★★★ | |
|
2024-12-12 15:46:32 | New IOCONTROL malware used in critical infrastructure attacks (lien direct) | Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...]
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...] |
Malware Threat Industrial | ★★★ | |
|
2024-12-06 06:00:00 | Crypto-stealing malware posing as a meeting app targets Web3 pros (lien direct) | Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. [...]
Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. [...] |
Malware | ★★ | |
|
2024-12-05 10:02:12 | Latrodectus malware and how to defend against it with Wazuh (lien direct) | Latrodectus is a versatile malware family that infiltrate systems, steal sensitive data, and evades detection. Learn more from Wazuh about Latrodectus malware and how to defend against it using the open-source XDR. [...]
Latrodectus is a versatile malware family that infiltrate systems, steal sensitive data, and evades detection. Learn more from Wazuh about Latrodectus malware and how to defend against it using the open-source XDR. [...] |
Malware | ★★★ | |
|
2024-12-04 13:26:24 | New DroidBot Android malware targets 77 banking, crypto apps (lien direct) | A new Android banking malware named \'DroidBot\' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...]
A new Android banking malware named \'DroidBot\' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...] |
Malware Mobile | ★★★ | |
|
2024-12-02 13:07:03 | BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (lien direct) | The recently uncovered \'Bootkitty\' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka \'LogoFAIL,\' to infect computers running on a vulnerable UEFI firmware. [...]
The recently uncovered \'Bootkitty\' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka \'LogoFAIL,\' to infect computers running on a vulnerable UEFI firmware. [...] |
Malware | ★★ |
To see everything:
Our RSS (filtrered)
