WhatsApp Web malware spreads banking trojan automatically

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.
CSO Online

Iran-linked MuddyWater APT deploys Rust-based implant in latest campaign

Iran-linked advanced persistent threat group MuddyWater has deployed a Rust-based implant in an ongoing espionage campaign ...
Dark Reading

ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery

A new attack uses SEO poisoning and popular AI models to deliver infostealer malware, all while leveraging legitimate domains. ClickFix attacks have gained significant popularity over the past year, ...
Fox News

Russian hackers use fake CAPTCHA tests to spread new malware families across multiple targets

Russian state-backed hackers have stepped up their game with new malware families that hide behind fake CAPTCHA tests. The group, known as Star Blizzard or ColdRiver, now uses ClickFix attacks to ...
Ars Technica

5 AI-developed malware families analyzed by Google fail to work and are easily detected

Google on Wednesday revealed five recent malware samples that were built using generative AI. The end results of each one were far below par with professional malware development, a finding that shows ...
Android Authority

New Android malware lags like a human to steal money from your phone (Update: Google statement)

A new Android banking Trojan called Herodotus mimics human behavior, such as random keystroke delays, to evade detection tools. The malware employs device-takeover tactics, including the abuse of ...
Infosecurity-magazine.com

New Stealit Malware Campaign Spreads via VPN and Game Installer Apps

Threat actors are conducting a new malicious campaign deploying the Stealit malware via disguised applications, according to Fortinet. The cybersecurity provider’s threat research lab, FortiGuard Labs ...
The Hacker News

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its ...
Bleeping Computer

VirusTotal finds hidden malware phishing campaign in SVG files

VirusTotal has discovered a phishing campaign hidden in SVG files that create convincing portals impersonating Colombia's judicial system that deliver malware. VirusTotal detected this campaign after ...
SiliconANGLE

Malware-as-a-service turns Android hacking into a plug-and-play business

A new report out today from mobile security firm iVerify Inc. sheds light on the alarming ease with which cybercriminals can now rent advanced Android malware through subscription-based ...
Ars Technica

GitHub abused to distribute payloads on behalf of malware-as-a-service

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...
Infosecurity-magazine.com

Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads

A new malware distribution campaign leveraging public GitHub repositories as a delivery infrastructure for various malicious payloads has been uncovered by security researchers from Cisco Talos. The ...