Tag Malware

Chinese Hackers Employ Stealthy Infection Chain to Deploy LODEINFO Malware

A recently reported cybersecurity incident has revealed a stealthy infection chain employed by the Chinese state-sponsored group known as Stone Panda. This threat actor has been targeting various entities in Japan, including media outlets, governmental and public sector organizations, as well as think tanks, raising alarms about the potential risk…

Read MoreChinese Hackers Employ Stealthy Infection Chain to Deploy LODEINFO Malware

Russian Courts Under Threat from CryWiper Data Wiper Malware Disguised as Ransomware

A new variant of data-wiping malware, identified as CryWiper, has emerged and is specifically targeting Russian government institutions, such as mayoral offices and courthouses. Unlike traditional ransomware that encrypts data, CryWiper masquerades as ransomware but ultimately destroys data without providing any means of recovery. Kaspersky researchers Fedor Sinitsyn and Janis…

Read MoreRussian Courts Under Threat from CryWiper Data Wiper Malware Disguised as Ransomware

Hackers Exploit Legitimate GitHub Codespaces Feature to Distribute Malware

Recent research has highlighted concerning vulnerabilities within GitHub Codespaces, specifically the potential for threat actors to exploit its legitimate features to distribute malware. GitHub Codespaces, a cloud-based development environment, allows users to write, debug, and commit code changes from a browser or integrated within Visual Studio Code. Among its functionalities…

Read MoreHackers Exploit Legitimate GitHub Codespaces Feature to Distribute Malware

Hackers Breach 18 NPM Packages in Supply Chain Attack

Relevant topics include Third Party Risk Management, Cryptocurrency Fraud, and Fraud Management & Cybercrime. Developer Compromised by Phishing Attack Involving a Malicious Email Authored by Akshaya Asokan (asokan_akshaya), David Perera (@daveperera) • September 9, 2025 Image: Shutterstock An attacker compromised 18 widely-used npm packages by embedding cryptocurrency theft malware after…

Read MoreHackers Breach 18 NPM Packages in Supply Chain Attack

Microsoft Acknowledges EncryptHub, the Hacker Connected to Over 618 Breaches, for Revealing Windows Vulnerabilities

Microsoft recently acknowledged an individual operating under the EncryptHub alias for uncovering and reporting two significant security vulnerabilities in Windows. This acknowledgment depicts a complex profile of a person straddling a legitimate cybersecurity career while engaging in cybercriminal activities. According to a detailed analysis by Outpost24 KrakenLabs, the individual behind…

Read MoreMicrosoft Acknowledges EncryptHub, the Hacker Connected to Over 618 Breaches, for Revealing Windows Vulnerabilities

Chinese Tonto Team Hackers’ Second Attempt to Breach Cybersecurity Firm Group-IB Fizzles Out

In June 2022, the advanced persistent threat (APT) group known as Tonto Team attempted to breach the cybersecurity firm Group-IB, although the attack was thwarted. Based in Singapore, Group-IB reported that it successfully detected and blocked a wave of phishing emails aimed at its employees, marking the second attempt on…

Read MoreChinese Tonto Team Hackers’ Second Attempt to Breach Cybersecurity Firm Group-IB Fizzles Out

Automated Sextortion Spyware Captures Webcam Images of Victims Viewing Adult Content

Automated Sextortion Malware Discovered: A Growing Cybersecurity Threat Recent findings by security researchers at Proofpoint have brought to light a troubling evolution in cybersecurity threats. A new variant of infostealer malware, named Stealerium, has emerged, intricately blending data theft with automated sextortion techniques. This malware is designed to hijack a…

Read MoreAutomated Sextortion Spyware Captures Webcam Images of Victims Viewing Adult Content

🔍 Weekly Overview: Nation-State Cyber Attacks, Spyware Warnings, Deepfake Malware Threats, and Supply Chain Vulnerabilities

This week, cybersecurity experts reported a notable uptick in stealthy tactics employed by malicious actors, indicating that the real challenge may lie in identifying the threats that have already infiltrated systems rather than defending against external breaches. Attack methodologies increasingly leverage AI to manipulate public opinion, while malware masquerades within…

Read More🔍 Weekly Overview: Nation-State Cyber Attacks, Spyware Warnings, Deepfake Malware Threats, and Supply Chain Vulnerabilities

⚡ Weekly Roundup: VPN Vulnerabilities, Oracle’s Quiet Breach, Surge in ClickFix, and More

Cybersecurity Update: Rising Threats and Emerging Vulnerabilities In the ever-evolving landscape of cybersecurity, unpatched systems, weak passwords, and neglected plugins serve as gateways for attackers. As supply chains intertwine deeply with the software we depend on, malware is increasingly hidden within seemingly benign avenues, including job offers and cloud services.…

Read More⚡ Weekly Roundup: VPN Vulnerabilities, Oracle’s Quiet Breach, Surge in ClickFix, and More