This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T00:21:06+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain The website of iClicker, a popular student engagement platform, was compromised in a ClickFix attack that used a fake CAPTCHA prompt to trick students and instructors into installing malware on their devices. [...]]]> 2025-05-11T10:16:26+00:00 https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ www.secnews.physaphae.fr/article.php?IdArticle=8674501 False Malware,Hack None None Bleeping Computer - Magazine Américain Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called \'Noodlophile,\' under the guise of generated media content. [...]]]> 2025-05-10T10:17:27+00:00 https://www.bleepingcomputer.com/news/security/fake-ai-video-generators-drop-new-noodlophile-infostealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8674134 False Malware,Tool None None Bleeping Computer - Magazine Américain The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. [...]]]> 2025-05-08T18:15:39+00:00 https://www.bleepingcomputer.com/news/security/fbi-end-of-life-routers-hacked-for-cybercrime-proxy-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8673429 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. [...]]]> 2025-05-08T14:51:14+00:00 https://www.bleepingcomputer.com/news/security/malicious-pypi-package-hides-rat-malware-targets-discord-devs-since-2022/ www.secnews.physaphae.fr/article.php?IdArticle=8673352 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. [...]]]> 2025-05-08T09:39:15+00:00 https://www.bleepingcomputer.com/news/security/google-links-new-lostkeys-data-theft-malware-to-russian-cyberspies/ www.secnews.physaphae.fr/article.php?IdArticle=8673236 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. [...]]]> 2025-05-07T10:45:19+00:00 https://www.bleepingcomputer.com/news/security/play-ransomware-exploited-windows-logging-flaw-in-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8672809 False Ransomware,Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. [...]]]> 2025-05-06T13:10:23+00:00 https://www.bleepingcomputer.com/news/security/samsung-magicinfo-9-server-rce-flaw-now-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8672397 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. [...]]]> 2025-05-06T05:13:16+00:00 https://www.bleepingcomputer.com/news/security/linux-wiper-malware-hidden-in-malicious-go-modules-on-github/ www.secnews.physaphae.fr/article.php?IdArticle=8672212 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The creators of StealC, a widely-used information stealer and malware downloader, have released its second major version, bringing multiple stealth and data theft enhancements. [...]]]> 2025-05-04T10:11:21+00:00 https://www.bleepingcomputer.com/news/security/stealc-malware-enhanced-with-stealth-upgrades-and-data-theft-tools/ www.secnews.physaphae.fr/article.php?IdArticle=8671473 False Malware,Tool None 3.0000000000000000 Bleeping Computer - Magazine Américain A China-aligned APT threat actor named "TheWizards" abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware. [...]]]> 2025-04-30T20:33:42+00:00 https://www.bleepingcomputer.com/news/security/hackers-abuse-ipv6-networking-feature-to-hijack-software-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8670063 False Malware,Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. [...]]]> 2025-04-30T17:05:46+00:00 https://www.bleepingcomputer.com/news/security/wordpress-plugin-disguised-as-a-security-tool-injects-backdoor/ www.secnews.physaphae.fr/article.php?IdArticle=8670045 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. [...]]]> 2025-04-23T14:30:17+00:00 https://www.bleepingcomputer.com/news/security/russian-army-targeted-by-new-android-malware-hidden-in-mapping-app/ www.secnews.physaphae.fr/article.php?IdArticle=8666788 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain South Korea\'s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related information for customers. [...]]]> 2025-04-22T14:26:59+00:00 https://www.bleepingcomputer.com/news/security/sk-telecom-warns-customer-usim-data-exposed-in-malware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8666284 False Malware,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware-as-a-service (MaaS) platform named \'SuperCard X\' has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data. [...]]]> 2025-04-19T11:17:28+00:00 https://www.bleepingcomputer.com/news/security/supercard-x-android-malware-use-stolen-cards-in-nfc-relay-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8665015 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices. [...]]]> 2025-04-18T13:44:40+00:00 https://www.bleepingcomputer.com/news/security/interlock-ransomware-gang-pushes-fake-it-tools-in-clickfix-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8664573 False Ransomware,Malware,Tool None 3.0000000000000000 Bleeping Computer - Magazine Américain Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. [...]]]> 2025-04-18T09:43:58+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-target-russian-govt-with-upgraded-rat-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8664499 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. [...]]]> 2025-04-15T16:25:57+00:00 https://www.bleepingcomputer.com/news/security/midnight-blizzard-deploys-new-grapeloader-malware-in-embassy-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8663228 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new remote access trojan (RAT) called \'ResolverRAT\' is being used against organizations globally, with the malware used in recent attacks targeting the healthcare and pharmaceutical sectors. [...]]]> 2025-04-14T12:40:23+00:00 https://www.bleepingcomputer.com/news/security/new-resolverrat-malware-targets-pharma-and-healthcare-orgs-worldwide/ www.secnews.physaphae.fr/article.php?IdArticle=8662760 False Malware,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet\'s customers and detained at least five individuals. [...]]]> 2025-04-09T09:33:56+00:00 https://www.bleepingcomputer.com/news/security/police-detains-smokeloader-malware-customers-seizes-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8661146 False Malware,Legislation None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims\' computers to both mine and steal cryptocurrency. [...]]]> 2025-04-08T16:53:33+00:00 https://www.bleepingcomputer.com/news/security/fake-microsoft-office-add-in-tools-push-malware-via-sourceforge/ www.secnews.physaphae.fr/article.php?IdArticle=8661012 False Malware,Tool,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. [...]]]> 2025-04-03T13:43:34+00:00 https://www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/ www.secnews.physaphae.fr/article.php?IdArticle=8660092 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new version of the Triada trojan has been discovered preinstalled on thousands of new Android devices, allowing threat actors to steal data as soon as they are set up. [...]]]> 2025-04-02T09:57:23+00:00 https://www.bleepingcomputer.com/news/security/counterfeit-android-devices-found-preloaded-with-triada-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8659836 False Malware,Threat,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A RAR file, a fake summons, and a Nietzsche quote-all part of a multi-stage malware chain delivering DCRat & Rhadamanthys. Acronis TRU breaks down how attackers use VBS, batch, and PowerShell scripts to slip past defenses. [...]]]> 2025-04-01T13:30:00+00:00 https://www.bleepingcomputer.com/news/security/we-smell-a-dcrat-revealing-a-sophisticated-malware-delivery-chain/ www.secnews.physaphae.fr/article.php?IdArticle=8659666 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The notorious North Korean Lazarus hacking group has reportedly adopted \'ClickFix\' tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). [...]]]> 2025-03-31T11:56:54+00:00 https://www.bleepingcomputer.com/news/security/north-korean-hackers-adopt-clickfix-attacks-to-target-crypto-firms/ www.secnews.physaphae.fr/article.php?IdArticle=8659416 False Malware APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access. [...]]]> 2025-03-30T10:17:19+00:00 https://www.bleepingcomputer.com/news/security/new-crocodilus-malware-steals-android-users-crypto-wallet-keys/ www.secnews.physaphae.fr/article.php?IdArticle=8659252 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A China-linked cyberespionage group known as \'FamousSparrow\' was observed using a new modular version of its signature backdoor \'SparrowDoor\' against a US-based trade organization. [...]]]> 2025-03-27T14:38:23+00:00 https://www.bleepingcomputer.com/news/security/chinese-famoussparrow-hackers-deploy-upgraded-malware-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8658668 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser\'s sandbox and deploy malware in espionage attacks targeting Russian organizations. [...]]]> 2025-03-26T02:42:48+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-exploited-in-espionage-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8658255 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain New Android malware campaigns use Microsoft\'s cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. [...]]]> 2025-03-25T09:52:53+00:00 https://www.bleepingcomputer.com/news/security/new-android-malware-uses-microsofts-net-maui-to-evade-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8658105 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Acronis Threat Research found 2M+ malicious URLs & 5,000+ malware instances in Microsoft 365 backup data-demonstrating how built-in security isn\'t always enough. Don\'t let threats persist in your cloud data. Strengthen your defenses. [...]]]> 2025-03-24T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/hidden-threats-how-microsoft-365-backups-store-risks-for-future-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8657861 False Malware,Threat,Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain The FBI is warning that fake online document converters are being used to steal people\'s information and, in worst-case scenarios, lead to ransomware attacks. [...]]]> 2025-03-23T10:09:19+00:00 https://www.bleepingcomputer.com/news/security/fbi-warnings-are-true-fake-file-converters-do-push-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8657616 False Ransomware,Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybercriminals are abusing Microsoft\'s Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. [...]]]> 2025-03-22T10:30:04+00:00 https://www.bleepingcomputer.com/news/security/microsoft-trusted-signing-service-abused-to-code-sign-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8657625 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Valve has removed a game titled \'Sniper: Phantom\'s Resolution\' from the Steam store following multiple user reports that indicated its demo installer actually infected their systems with information stealing malware. [...]]]> 2025-03-21T09:24:23+00:00 https://www.bleepingcomputer.com/news/security/steam-pulls-game-demo-infecting-windows-with-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8657198 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A malware operation dubbed \'DollyWay\' has been underway since 2016, compromising over 20,000 WordPress sites globally to redirect users to malicious sites. [...]]]> 2025-03-19T19:12:00+00:00 https://www.bleepingcomputer.com/news/security/malware-campaign-dollyway-breached-20-000-wordpress-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8656804 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Ukraine\'s Computer Emergency Response Team (CERT-UA) is warning about highly targeted attacks employing compromised Signal accounts to send malware to employees of defense industry firms and members of the country\'s army forces. [...]]]> 2025-03-19T16:30:40+00:00 https://www.bleepingcomputer.com/news/security/ukrainian-military-targeted-in-new-signal-spear-phishing-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8656774 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A newly discovered information-stealing malware called Arcane is stealing extensive user data, including VPN account credentials, gaming clients, messaging apps, and information stored in web browsers. [...]]]> 2025-03-19T13:52:08+00:00 https://www.bleepingcomputer.com/news/security/new-arcane-infostealer-infects-youtube-discord-users-via-game-cheats/ www.secnews.physaphae.fr/article.php?IdArticle=8656743 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Microsoft has discovered a new remote access trojan (RAT) that employs "sophisticated techniques" to avoid detection, ensure persistence, and extract sensitive information data. [...]]]> 2025-03-17T14:59:24+00:00 https://www.bleepingcomputer.com/news/security/microsoft-new-rat-malware-used-for-crypto-theft-reconnaissance/ www.secnews.physaphae.fr/article.php?IdArticle=8656298 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. [...]]]> 2025-03-16T10:19:29+00:00 https://www.bleepingcomputer.com/news/security/malicious-adobe-docusign-oauth-apps-target-microsoft-365-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8656066 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft is warning that an ongoing phishing campaign impersonating Booking.com is using ClickFix social engineering attacks to infect hospitality workers with various malware, including infostealers and RATs. [...]]]> 2025-03-13T11:00:00+00:00 https://www.bleepingcomputer.com/news/security/clickfix-attack-delivers-infostealers-rats-in-fake-bookingcom-emails/ www.secnews.physaphae.fr/article.php?IdArticle=8655555 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A newly discovered clipboard hijacking operation dubbed \'MassJacker\' uses at least 778,531 cryptocurrency wallet addresses to steal digital assets from compromised computers. [...]]]> 2025-03-11T12:06:36+00:00 https://www.bleepingcomputer.com/news/security/massjacker-malware-uses-778-000-wallets-to-steal-cryptocurrency/ www.secnews.physaphae.fr/article.php?IdArticle=8655051 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A software developer has been found guilty of sabotaging his ex-employer\'s systems by running custom malware and installing a "kill switch" after being demoted at the company. [...]]]> 2025-03-08T12:43:15+00:00 https://www.bleepingcomputer.com/news/security/developer-guilty-of-using-kill-switch-to-sabotage-employers-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8654711 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Cybercriminals are sending bogus copyright claims to YouTubers to coerce them into promoting malware and cryptocurrency miners on their videos. [...]]]> 2025-03-08T10:11:21+00:00 https://www.bleepingcomputer.com/news/security/youtubers-extorted-via-copyright-strikes-to-spread-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8654703 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. [...]]]> 2025-03-07T13:36:48+00:00 https://www.bleepingcomputer.com/news/security/unpatched-edimax-ip-camera-flaw-actively-exploited-in-botnet-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8654574 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. [...]]]> 2025-03-05T11:44:21+00:00 https://www.bleepingcomputer.com/news/security/badbox-malware-disrupted-on-500k-infected-android-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8653903 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the BackConnect proxy malware for post-exploitation access to corporate networks. [...]]]> 2025-03-04T17:47:42+00:00 https://www.bleepingcomputer.com/news/security/microsoft-teams-tactics-malware-connect-black-basta-cactus-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8653592 False Ransomware,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new botnet malware named \'Eleven11bot\' has infected over 86,000 IoT devices, primarily security cameras and network video recorders (NVRs), to conduct DDoS attacks. [...]]]> 2025-03-04T15:10:04+00:00 https://www.bleepingcomputer.com/news/security/new-eleven11bot-botnet-infects-86-000-devices-for-ddos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8653557 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A previously undocumented polyglot malware is being deployed in attacks against aviation, satellite communication, and critical transportation organizations in the United Arab Emirates. [...]]]> 2025-03-04T11:17:18+00:00 https://www.bleepingcomputer.com/news/security/new-polyglot-malware-hits-aviation-satellite-communication-firms/ www.secnews.physaphae.fr/article.php?IdArticle=8653478 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new variant of the Vo1d malware botnet has grown to 1,590,299 infected Android TV devices across 226 countries, recruiting devices as part of anonymous proxy server networks. [...]]]> 2025-02-27T17:49:12+00:00 https://www.bleepingcomputer.com/news/security/vo1d-malware-botnet-grows-to-16-million-android-tvs-worldwide/ www.secnews.physaphae.fr/article.php?IdArticle=8651773 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets. [...]]]> 2025-02-26T18:27:20+00:00 https://www.bleepingcomputer.com/news/security/grasscall-malware-campaign-drains-crypto-wallets-via-fake-job-interviews/ www.secnews.physaphae.fr/article.php?IdArticle=8651412 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​The Have I Been Pwned data breach notification service has added over 284 million accounts stolen by information stealer malware and found on a Telegram channel. [...]]]> 2025-02-25T17:07:50+00:00 https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-284m-accounts-stolen-by-infostealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8650996 False Data Breach,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and credentials. [...]]]> 2025-02-25T14:45:16+00:00 https://www.bleepingcomputer.com/news/security/gitvenom-attacks-abuse-hundreds-of-github-repos-to-steal-crypto/ www.secnews.physaphae.fr/article.php?IdArticle=8650967 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. [...]]]> 2025-02-21T13:45:23+00:00 https://www.bleepingcomputer.com/news/security/spylend-android-malware-downloaded-100-000-times-from-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=8649675 False Malware,Tool,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. [...]]]> 2025-02-20T11:11:59+00:00 https://www.bleepingcomputer.com/news/security/salt-typhoon-uses-jumbledpath-malware-to-spy-on-us-telecom-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8649298 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. [...]]]> 2025-02-19T12:42:39+00:00 https://www.bleepingcomputer.com/news/security/new-frigidstealer-infostealer-infects-macs-via-fake-browser-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8649036 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A large-scale malware campaign dubbed "StaryDobry" has been targeting gamers worldwide with trojanized versions of cracked games such as Garry\'s Mod, BeamNG.drive, and Dyson Sphere Program. [...]]]> 2025-02-18T16:25:24+00:00 https://www.bleepingcomputer.com/news/security/cracked-garrys-mod-beamngdrive-games-infect-gamers-with-miners/ www.secnews.physaphae.fr/article.php?IdArticle=8648921 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new variant of the XCSSET macOS modular malware has emerged in attacks that target users\' sensitive information, including digital wallets and data from the legitimate Notes app. [...]]]> 2025-02-17T11:04:51+00:00 https://www.bleepingcomputer.com/news/security/microsoft-spots-xcsset-macos-malware-variant-used-for-crypto-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8648775 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. [...]]]> 2025-02-16T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/new-finaldraft-malware-abuses-outlook-mail-service-for-stealthy-comms/ www.secnews.physaphae.fr/article.php?IdArticle=8648660 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...]]]> 2025-02-14T12:32:32+00:00 https://www.bleepingcomputer.com/news/security/piratefi-game-on-steam-caught-installing-password-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8648600 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. [...]]]> 2025-02-06T15:59:41+00:00 https://www.bleepingcomputer.com/news/security/microsoft-says-attackers-use-exposed-aspnet-keys-to-deploy-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8647286 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...]]]> 2025-02-06T12:50:54+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-simplehelp-rmm-flaws-to-deploy-sliver-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8647262 False Ransomware,Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...]]]> 2025-02-05T18:16:04+00:00 https://www.bleepingcomputer.com/news/microsoft/new-microsoft-script-updates-windows-media-with-bootkit-malware-fixes/ www.secnews.physaphae.fr/article.php?IdArticle=8647137 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. [...]]]> 2025-02-04T12:39:40+00:00 https://www.bleepingcomputer.com/news/security/chinese-cyberspies-use-new-ssh-backdoor-in-network-device-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8646865 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. [...]]]> 2025-02-03T11:33:23+00:00 https://www.bleepingcomputer.com/news/security/deepseek-ai-tools-impersonated-by-infostealer-malware-on-pypi/ www.secnews.physaphae.fr/article.php?IdArticle=8646596 False Malware,Tool,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI\'s safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...]]]> 2025-01-30T07:00:00+00:00 https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/ www.secnews.physaphae.fr/article.php?IdArticle=8644768 False Malware ChatGPT 3.0000000000000000 Bleeping Computer - Magazine Américain A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]]]> 2025-01-29T19:55:06+00:00 https://www.bleepingcomputer.com/news/security/new-aquabotv3-botnet-malware-targets-mitel-command-injection-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8644524 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...]]]> 2025-01-29T19:33:11+00:00 https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8644525 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain A threat actor targeted low-skilled hackers, known as "script kiddies," with a fake malware builder that secretly infected them with a backdoor to steal data and take over computers. [...]]]> 2025-01-24T11:34:40+00:00 https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/ www.secnews.physaphae.fr/article.php?IdArticle=8642144 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading the Lumma Stealer malware. [...]]]> 2025-01-23T14:05:34+00:00 https://www.bleepingcomputer.com/news/security/hundreds-of-fake-reddit-sites-push-lumma-stealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8641701 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a "magic packet" in the network traffic. [...]]]> 2025-01-23T10:26:36+00:00 https://www.bleepingcomputer.com/news/security/stealthy-magic-packet-malware-targets-juniper-vpn-gateways/ www.secnews.physaphae.fr/article.php?IdArticle=8641625 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware. [...]]]> 2025-01-22T15:35:44+00:00 https://www.bleepingcomputer.com/news/security/telegram-captcha-tricks-you-into-running-malicious-powershell-scripts/ www.secnews.physaphae.fr/article.php?IdArticle=8641263 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company\'s VPN installer to deploy the custom \'SlowStepper\' malware. [...]]]> 2025-01-22T10:11:48+00:00 https://www.bleepingcomputer.com/news/security/ipany-vpn-breached-in-supply-chain-attack-to-push-custom-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8641145 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. [...]]]> 2025-01-21T14:58:20+00:00 https://www.bleepingcomputer.com/news/security/fake-homebrew-google-ads-target-mac-users-with-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8640737 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network. [...]]]> 2025-01-21T10:59:29+00:00 https://www.bleepingcomputer.com/news/security/ransomware-gangs-pose-as-it-support-in-microsoft-teams-phishing-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8640659 False Ransomware,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. [...]]]> 2025-01-15T15:04:45+00:00 https://www.bleepingcomputer.com/news/security/mikrotik-botnet-uses-misconfigured-spf-dns-records-to-spread-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8637880 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. [...]]]> 2025-01-14T15:54:28+00:00 https://www.bleepingcomputer.com/news/security/wp3xyz-malware-attacks-add-rogue-admins-to-5-000-plus-wordpress-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8637332 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. [...]]]> 2025-01-14T11:26:26+00:00 https://www.bleepingcomputer.com/news/security/fbi-deletes-chinese-plugx-malware-from-thousands-of-us-computers/ www.secnews.physaphae.fr/article.php?IdArticle=8637596 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. [...]]]> 2025-01-11T10:21:31+00:00 https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8636035 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. [...]]]> 2025-01-10T11:37:59+00:00 https://www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/ www.secnews.physaphae.fr/article.php?IdArticle=8635695 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called \'Dryhook\' and \'Phasejam\' that is not currently associated with any threat group. [...]]]> 2025-01-09T11:11:20+00:00 https://www.bleepingcomputer.com/news/security/google-chinese-hackers-likely-behind-ivanti-vpn-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8635336 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. [...]]]> 2025-01-08T15:43:34+00:00 https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-flaw-used-in-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8635045 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. [...]]]> 2025-01-06T09:54:56+00:00 https://www.bleepingcomputer.com/news/security/eagerbee-backdoor-deployed-against-middle-eastern-govt-orgs-isps/ www.secnews.physaphae.fr/article.php?IdArticle=8634145 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware named \'FireScam\' is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia\'s app market for mobile devices. [...]]]> 2025-01-04T10:16:26+00:00 https://www.bleepingcomputer.com/news/security/new-firescam-android-data-theft-malware-poses-as-telegram-premium-app/ www.secnews.physaphae.fr/article.php?IdArticle=8633668 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories to appear more popular, helping them reach more unsuspecting users. [...]]]> 2024-12-31T10:13:12+00:00 https://www.bleepingcomputer.com/news/security/over-31-million-fake-stars-on-github-projects-used-to-boost-rankings/ www.secnews.physaphae.fr/article.php?IdArticle=8632067 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Two botnets tracked as \'Ficora\' and \'Capsaicin\' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. [...]]]> 2024-12-29T10:09:28+00:00 https://www.bleepingcomputer.com/news/security/malware-botnets-exploit-outdated-d-link-routers-in-recent-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8631557 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers. [...]]]> 2024-12-26T11:53:10+00:00 https://www.bleepingcomputer.com/news/security/new-ottercookie-malware-used-to-backdoor-devs-in-fake-job-offers/ www.secnews.physaphae.fr/article.php?IdArticle=8630269 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new Mirai-based malware campaign is actively exploiting unpatched vulnerabilities in Internet of Things (IoT) devices, including DigiEver DS-2105 Pro DVRs. [...]]]> 2024-12-24T15:04:03+00:00 https://www.bleepingcomputer.com/news/security/new-botnet-exploits-vulnerabilities-in-nvrs-tp-link-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8629612 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. [...]]]> 2024-12-20T11:48:25+00:00 https://www.bleepingcomputer.com/news/security/us-charges-russian-israeli-as-suspected-lockbit-ransomware-coder/ www.secnews.physaphae.fr/article.php?IdArticle=8628024 False Ransomware,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. [...]]]> 2024-12-19T17:01:58+00:00 https://www.bleepingcomputer.com/news/security/badbox-malware-botnet-infects-192-000-android-devices-despite-disruption/ www.secnews.physaphae.fr/article.php?IdArticle=8627685 False Malware,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain A malicious Android spyware application named \'BMI CalculationVsn\' was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. [...]]]> 2024-12-19T13:59:26+00:00 https://www.bleepingcomputer.com/news/security/android-spyware-found-on-amazon-appstore-disguised-as-health-app/ www.secnews.physaphae.fr/article.php?IdArticle=8627629 False Malware,Tool,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. [...]]]> 2024-12-19T13:27:00+00:00 https://www.bleepingcomputer.com/news/security/juniper-warns-of-mirai-botnet-scanning-for-session-smart-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8627866 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​​Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. [...]]]> 2024-12-18T16:58:26+00:00 https://www.bleepingcomputer.com/news/security/raccoon-stealer-malware-operator-gets-5-years-in-prison-after-guilty-plea/ www.secnews.physaphae.fr/article.php?IdArticle=8627240 False Malware,Legislation None 2.0000000000000000 Bleeping Computer - Magazine Américain A cyberespionage threat group known as \'Bitter\' was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. [...]]]> 2024-12-17T17:29:44+00:00 https://www.bleepingcomputer.com/news/security/bitter-cyberspies-target-defense-orgs-with-new-miyarat-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8626774 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. [...]]]> 2024-12-16T17:22:35+00:00 https://www.bleepingcomputer.com/news/security/fbi-spots-hiatusrat-malware-attacks-targeting-web-cameras-dvrs/ www.secnews.physaphae.fr/article.php?IdArticle=8626269 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. [...]]]> 2024-12-16T14:32:07+00:00 https://www.bleepingcomputer.com/news/security/malicious-ads-push-lumma-infostealer-via-fake-captcha-pages/ www.secnews.physaphae.fr/article.php?IdArticle=8626202 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Germany\'s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. [...]]]> 2024-12-13T10:22:05+00:00 https://www.bleepingcomputer.com/news/security/germany-blocks-badbox-malware-loaded-on-30-000-android-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8624678 False Malware,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. [...]]]> 2024-12-12T17:35:24+00:00 https://www.bleepingcomputer.com/news/security/new-stealthy-pumakit-linux-rootkit-malware-spotted-in-the-wild/ www.secnews.physaphae.fr/article.php?IdArticle=8624267 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...]]]> 2024-12-12T15:46:32+00:00 https://www.bleepingcomputer.com/news/security/new-iocontrol-malware-used-in-critical-infrastructure-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8624213 False Malware,Threat,Industrial None 3.0000000000000000 Bleeping Computer - Magazine Américain Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. [...]]]> 2024-12-06T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/crypto-stealing-malware-posing-as-a-meeting-app-targets-web3-pros/ www.secnews.physaphae.fr/article.php?IdArticle=8620716 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Latrodectus is a versatile malware family that infiltrate systems, steal sensitive data, and evades detection. Learn more from Wazuh about Latrodectus malware and how to defend against it using the open-source XDR. [...]]]> 2024-12-05T10:02:12+00:00 https://www.bleepingcomputer.com/news/security/latrodectus-malware-and-how-to-defend-against-it-with-wazuh/ www.secnews.physaphae.fr/article.php?IdArticle=8620129 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new Android banking malware named \'DroidBot\' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...]]]> 2024-12-04T13:26:24+00:00 https://www.bleepingcomputer.com/news/security/new-droidbot-android-malware-targets-77-banking-crypto-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8619763 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain The recently uncovered \'Bootkitty\' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka \'LogoFAIL,\' to infect computers running on a vulnerable UEFI firmware. [...]]]> 2024-12-02T13:07:03+00:00 https://www.bleepingcomputer.com/news/security/bootkitty-uefi-malware-exploits-logofail-to-infect-linux-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8618758 False Malware None 2.0000000000000000