November 22, 2024 at 01:58AM Researchers found two malicious packages on PyPI, impersonating AI models to deploy the JarkaStealer malware. Uploaded in November 2023, the packages had 1,748 and 1,826 downloads, respectively. They revealed risks of supply chain attacks, emphasizing caution when using open-source components in development. The packages are now unavailable for download. ### … Read more
November 18, 2024 at 12:57PM Researchers have identified a new malware loader called BabbleLoader, designed to evade detection and deliver information stealers like WhiteSnake and Meduza. It employs various evasion techniques, including runtime resolution and unique code for each sample, complicating analysis. This loader highlights the growing complexity of malware delivery methods. **Meeting Takeaways – … Read more
November 16, 2024 at 03:20PM Fake AI image and video generator websites are distributing Lumma Stealer for Windows and AMOS for macOS, both designed to steal credentials and cryptocurrency wallets. These sites impersonate a legitimate application, EditProAI, leading users to malicious downloads. Users should reset compromised passwords and enable multi-factor authentication. ### Meeting Takeaways 1. … Read more
November 14, 2024 at 03:49PM New Glove Stealer malware can infiltrate Google Chrome’s App-Bound encryption, successfully stealing browser cookies. This poses significant security risks, as it can access sensitive information from users’ online activities. **Meeting Takeaways:** 1. **New Malware Alert**: A new information-stealing malware named “Glove Stealer” has been identified. 2. **Bypassing Security Features**: Glove … Read more
August 23, 2024 at 01:36AM Cybersecurity researchers have found Cthulhu Stealer, a $500/month macOS-targeting information stealer. It masquerades as popular software, steals passwords and cryptocurrency wallets, and lacks stealth and notable features. Though less frequent, macOS threats exist, prompting Apple to enhance security in upcoming updates. Users are urged to be cautious when downloading software. … Read more
August 1, 2024 at 10:06AM Threat actors abused the Stack Exchange Q&A platform to target cryptocurrency users, promoting malware-laden Python packages. The malicious packages stole sensitive data, captured screenshots, and provided remote access to victims’ machines. These attacks demonstrate the exploitation of community-driven platforms to conduct large-scale supply chain attacks, urging individuals and organizations to … Read more
July 23, 2024 at 11:23AM Thousands of typosquatting domains are exploiting the desperation of IT admins affected by the CrowdStrike outage. The domains aim to deceive users with small typos and extort money through phishing and extortion tactics. CrowdStrike has issued warnings and guidance for affected organizations, while some customers are still experiencing recovery challenges. … Read more
May 6, 2024 at 04:39AM Cybersecurity researchers have discovered a new information stealer, Cuckoo by Kandji, targeting Apple macOS systems. It is capable of running on both Intel- and Arm-based Macs and establishes persistence by utilizing a LaunchAgent. The malware gathers extensive information from the system and tricks users into entering their passwords. It also … Read more
March 7, 2024 at 03:33AM Threat actors are using Facebook messages to distribute the Python-based information stealer called Snake, aiming to capture sensitive data like credentials and cookies. The malware is designed to transmit harvested credentials to platforms like Discord, GitHub, and Telegram. It also targets Vietnamese users and reflects a concerning rise in account … Read more
December 12, 2023 at 06:00AM A recent phishing campaign delivering the MrAnon Stealer malware via innocuous booking-themed PDFs targets Germany, capturing credentials, system info, browser sessions, and cryptocurrency extensions. Disguised as a hotel booking company, the malicious email prompts victims to download an “Adobe Flash update,” leading to the execution of harmful scripts. The malware … Read more