PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

November 22, 2024 at 01:58AM Researchers found two malicious packages on PyPI, impersonating AI models to deploy the JarkaStealer malware. Uploaded in November 2023, the packages had 1,748 and 1,826 downloads, respectively. The incident highlights the risk of supply chain attacks and the need for caution when using open-source components in development. The packages are now unavailable for download. …

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

November 18, 2024 at 12:57PM Researchers have identified a new malware loader called BabbleLoader, designed to evade detection and deliver information stealers like WhiteSnake and Meduza. It employs various evasion techniques, including runtime resolution and unique code for each sample, complicating analysis. This loader highlights the growing complexity of malware delivery methods. …

Fake AI video generators infect Windows, macOS with infostealers

November 16, 2024 at 03:20PM Fake AI image and video generator websites are distributing Lumma Stealer for Windows and AMOS for macOS, both designed to steal credentials and cryptocurrency wallets. These sites impersonate a legitimate application, EditProAI, leading users to malicious downloads. Users should reset compromised passwords and enable multi-factor authentication. …

New Glove Stealer malware bypasses Chrome’s cookie encryption

November 14, 2024 at 03:49PM New Glove Stealer malware can bypass Google Chrome’s App-Bound encryption and steal browser cookies. This poses significant security risks, as it can access sensitive information from users’ online activities.

**Meeting Takeaways:**

1. **New Malware Alert**: A new information-stealing malware named “Glove Stealer” has been identified.
2. **Bypassing Security Features**: Glove …

New macOS Malware “Cthulhu Stealer” Targets Apple Users’ Data

August 23, 2024 at 01:36AM Cybersecurity researchers have found Cthulhu Stealer, a $500/month macOS-targeting information stealer. It masquerades as popular software, steals passwords and cryptocurrency wallets, and lacks stealth and notable features. Though less frequent, macOS threats exist, prompting Apple to enhance security in upcoming updates. Users are urged to be cautious when downloading software. …

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform

August 1, 2024 at 10:06AM Threat actors abused the Stack Exchange Q&A platform to target cryptocurrency users, promoting malware-laden Python packages. The malicious packages stole sensitive data, captured screenshots, and provided remote access to victims’ machines. These attacks demonstrate the exploitation of community-driven platforms to conduct large-scale supply chain attacks, urging individuals and organizations to …

Cybercrooks spell trouble with typosquatting domains amid CrowdStrike crisis

July 23, 2024 at 11:23AM Thousands of typosquatting domains are exploiting the desperation of IT admins affected by the CrowdStrike outage. The domains use small typos to deceive users and aim to extract money through phishing and extortion tactics. CrowdStrike has issued warnings and guidance for affected organizations, while some customers are still experiencing recovery challenges. …

New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs

May 6, 2024 at 04:39AM Cybersecurity researchers have discovered a new information stealer, Cuckoo by Kandji, targeting Apple macOS systems. It is capable of running on both Intel- and Arm-based Macs and establishes persistence by utilizing a LaunchAgent. The malware gathers extensive information from the system and tricks users into entering their passwords. It also …

New Python-Based Snake Info Stealer Spreading Through Facebook Messages

March 7, 2024 at 03:33AM Threat actors are using Facebook messages to distribute the Python-based information stealer called Snake, aiming to capture sensitive data like credentials and cookies. The malware is designed to transmit harvested credentials to platforms like Discord, GitHub, and Telegram. It also targets Vietnamese users and reflects a concerning rise in account …

New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

December 12, 2023 at 06:00AM A recent phishing campaign delivering the MrAnon Stealer malware via innocuous booking-themed PDFs targets Germany, capturing credentials, system info, browser sessions, and cryptocurrency extensions. Disguised as a hotel booking company, the malicious email prompts victims to download an “Adobe Flash update,” leading to the execution of harmful scripts. The malware …