QBot malware abuses Windows WordPad EXE to infect devices
Once the DLL is loaded, the malware uses C:\Windows\system32\curl.exe to download a DLL camouflaged as a PNG file from a remote host
Read More...
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability to respond in a timely fashion
Read More...
BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer
Researchers identified an ongoing BatLoader campaign relying on Google Search Ads to deliver rogue web pages for ChatGPT and Midjourney
Read More...
Malicious Microsoft VSCode extensions steal passwords, open remote shells
The cases discovered demonstrate that threat actors are now actively attempting to infect Windows developers with malicious submissions
Read More...
Fake in-browser Windows updates push Aurora info-stealer malware
Advertised as an info stealer with extensive capabilities and low antivirus detection
Read More...
Hackers start using double DLL sideloading to evade detection
These attack variations begin with an initial vector that leverages a clean application that sideloads a second-stage payload which in turn, sideloads a malicious malware loader DLL
Read More...
New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets
Users may be manipulated into downloading and executing the malware under the guise of legitimate software
Read More...
Google ads push BumbleBee malware used by ransomware gangs
Considering that the trojanized software is targeting corporate users, infected devices make candidates for the beginning of ransomware attacks
Read More...
LockBit Ransomware Now Targeting Apple macOS Devices
Threat actors behind the LockBit ransomware operation have developed new artifacts that encrypt files on devices running Apple's macOS operating system
Read More...
QBot Expands Initial Access Malware Strategy With PDF-WSF Combo
Qbot's use of a new email distribution method was detected — PDF attachments that download Windows Script Files to install Qbot on victims' devices
Read More...