Malicious PowerShell script pushing malware looks AI-written

April 10, 2024 at 12:19PM Adversaries are utilizing AI-generated PowerShell scripts, likely produced using OpenAI’s ChatGPT, Google’s Gemini, or Microsoft’s Copilot, to execute attacks such as the distribution of the Rhadamanthys information stealer. This marks a concerning trend of threat actors applying AI for malicious activities, prompting concerns about the potential impact on cybersecurity and …

Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware

March 30, 2024 at 03:45AM Malicious ads and bogus websites are enabling the delivery of two different stealer malware targeting Apple macOS users. These attacks aim to steal sensitive data, with one attack leveraging counterfeit websites and the other exploiting a phony software offer. The development indicates an increasing threat to macOS environments from stealer …

Activision: Enable 2FA to secure accounts recently stolen by malware

March 29, 2024 at 04:32PM A large infostealer malware campaign targets gaming communities, collecting millions of logins from various gaming websites, including those of cheat users. The Phantom Overlay developer discovered a database with gaming-related accounts, estimating several million affected gamers. Activision Blizzard advises 2FA to secure compromised accounts. The company’s servers remain secure and uncompromised amidst the …

PyPI suspends new user registration to block malware campaign

March 28, 2024 at 02:04PM PyPI, the Python Package Index, has suspended user registrations and new project creation due to an ongoing malware campaign. Threat actors are uploading fake packages to compromise developers, with the latest report from Checkmarx revealing 365 malicious entries and an info-stealer payload. This emphasizes the importance of rigorously verifying open-source …

Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks

March 25, 2024 at 10:18AM Summary: Over 100 US and EU organizations have been targeted in recent phishing campaigns distributing the StrelaStealer malware, which harvests credentials from email clients. Palo Alto Networks reports multiple large-scale campaigns with varying techniques, targeting high-tech, finance, legal, government, and other sectors. The evolving malware aims to evade security detection. …

Chinese PC-maker Acemagic customized its own machines to get infected with malware

February 28, 2024 at 11:57PM Acemagic, a Chinese PC maker, confirmed the presence of Bladabindi and Redline malware on some of its mini PCs. The company explained that developers’ adjustments to enhance user experience inadvertently caused the malware. Acemagic will issue refunds for affected machines and offer rebates for disinfecting and future purchases. The alleged …

Beware: Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials

February 6, 2024 at 10:10AM Threat actors are using fake Facebook job ads to distribute a new Windows-based stealer malware, Ov3r_Stealer, designed to steal credentials and crypto wallets. The campaign’s end goal remains unknown, but the stolen information may be sold to other threat actors or used to distribute additional payloads, including ransomware. This tactic …

Fresh ‘Mispadu Stealer’ Variant Emerges

February 5, 2024 at 05:43PM The Palo Alto Networks Unit 42 team uncovered a new variation of the sneaky banking Trojan, Mispadu Stealer, targeting Mexico. This infostealer exploits the Windows SmartScreen bypass vulnerability CVE-2023-36025. With Mispadu continuously evolving, the researchers advise a comprehensive cybersecurity approach, emphasizing staying informed on threat intelligence, robust endpoint protection, and …

NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers

January 22, 2024 at 07:18AM Cybersecurity researchers have uncovered a new Java-based information stealer, NS-STEALER, which uses a Discord bot to extract sensitive data from compromised systems. The malware disguises itself as cracked software within ZIP archives and exfiltrates data to a Discord Bot channel. The threat actors behind the Chaes malware have released an …

Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets

January 18, 2024 at 11:03AM Infostealer malware poses a significant risk to corporate information security by stealing credentials, cookies, and other data, leading to data breaches and ransomware distribution. Leaked credentials from breaches and infostealers are a substantial threat, prompting organizations to monitor and defend against them. Flare offers a solution to detect and mitigate …