August 5, 2024 at 10:38AM Criminals are targeting Windows users with SnakeKeylogger, a malicious software that records keystrokes, steals credentials, takes screenshots, and sends sensitive information to fraudsters. This malware, known for its sophistication and crafty exfiltration of data, is typically spread through phishing campaigns. It can be hidden in Office documents or PDFs attached … Read more
June 11, 2024 at 05:03AM Cybersecurity experts have discovered an updated version of malware called ValleyRAT with new capabilities, believed to originate from a China-based threat actor. The malware utilizes a multi-stage process and DLL side-loading to evade security solutions. Additionally, there’s a new phishing campaign targeting Spanish-speaking individuals with an updated keylogger and information … Read more
April 17, 2024 at 10:22AM Multiple botnets are exploiting a command-injection flaw in TP-Link Archer AX21 routers for DDoS attacks. Despite a patch being available for CVE-2023-1389, threat actors are using unpatched devices to deploy botnets like Moobot, Miori, Agoent, Gafgyt, and variants of Mirai. Fortiguard advises applying patches and vigilance against DDoS botnets targeting … Read more
January 5, 2024 at 01:27AM A new variant of the Bandook trojan is being spread through phishing attacks, targeting Windows machines. The malware is distributed via a PDF file embedding a link to a password-protected .7z archive. After extraction, the malware injects its payload into msinfo32.exe. This off-the-shelf malware can remotely control infected systems and … Read more
January 4, 2024 at 06:24AM Three new malicious packages discovered in the Python Package Index (PyPI) repository can deploy a cryptocurrency miner on affected Linux devices. The packages, modularseven, driftme, and catme, attracted 431 downloads before being removed. They conceal their payload, deploy a CoinMiner executable, and persistently exploit devices, evading detection and security software. … Read more