malware
-
New Malware Campaign Exploits Cloudflare Tunnels to Deliver Malicious Payloads
A new malware campaign, codenamed SERPENTINE#CLOUD, is exploiting Cloudflare Tunnel subdomains to distribute malicious payloads via phishing emails. This sophisticated attack targets users across multiple regions and employs advanced techniques to evade detection.
-
Water Curse: A New Threat Actor Targeting GitHub to Distribute Malware
Researchers have unveiled Water Curse, a new threat actor leveraging GitHub repositories to distribute malware. The malware enables extensive data exfiltration and remote access, underscoring the risks of supply chain attacks through legitimate platforms.
-
Infoblox Exposes Links Between Cybercrime Groups and AdTech Firms
Infoblox Threat Intel has revealed a hidden alliance between cybercrime group VexTrio and legitimate AdTech companies, indicating a complex web of relationships in the digital landscape that warrants ongoing scrutiny.
-
Over 46,000 Grafana Instances Exposed to Serious Security Flaw
More than 46,000 Grafana instances remain unpatched against a significant security vulnerability, exposing users to the risk of account takeover. The flaw, tracked as CVE-2025-4123, allows attackers to execute malicious plugins, prompting urgent calls for updates.
-
Massive Malware Campaign Infects Over 269,000 Websites with Malicious JavaScript
A cybersecurity alert has been issued following the compromise of over 269,000 websites by a malware campaign utilizing malicious JavaScript code, showcasing significant vulnerabilities in online security measures.
-
INTERPOL Disrupts Cybercrime Network by Dismantling 20,000 Malicious IPs
INTERPOL has taken down over 20,000 malicious IP addresses linked to information-stealing malware in a major operation involving law enforcement from 26 countries. This initiative underscores a collaborative global effort to combat the growing threat of cybercrime and protect sensitive data.
-
Rare Werewolf APT Targets Russian Entities with Sophisticated Cyber Attacks
Rare Werewolf, an advanced persistent threat (APT) group, is reported to have launched a series of cyber attacks targeting Russian and CIS entities, using legitimate software to enhance the stealth of its operations.
-
OpenAI Bans Accounts Used by Cybercriminals for Malicious AI-Assisted Activities
OpenAI has banned a series of ChatGPT accounts linked to malicious activities by Russian and Chinese cybercriminals, revealing the extent to which threat actors are leveraging AI technology for malware development and social media automation.
-
New Supply Chain Malware Operation Targets GlueStack Packages
A new supply chain attack has targeted GlueStack packages, affecting nearly one million downloads and allowing hackers to execute commands and steal information from compromised systems.