malware
-
FamousSparrow Hackers Enhance Cyber Attacks with Modular Backdoor
A China-linked cyberespionage group known as FamousSparrow has intensified its operations by deploying an upgraded version of its backdoor malware, SparrowDoor, against several organizations, including a US-based trade group. ESET researchers have identified significant improvements in the malware’s structure and capabilities, raising concerns about the group’s access to advanced cyber tools.
-
Cybersecurity Breach: 150,000 Websites Compromised by Malicious JavaScript
A cybersecurity campaign has compromised approximately 150,000 legitimate websites through malicious JavaScript injections to promote illegal gambling platforms. Analysts highlight the evolving tactics of threat actors, raising concerns over the integrity and security of online spaces.
-
New Variants of SparrowDoor Malware Linked to Chinese Threat Actor FamousSparrow
The Chinese hacking group FamousSparrow has been linked to recent cyber attacks involving new variants of the SparrowDoor malware and the ShadowPad backdoor, targeting a U.S. trade group and a Mexican research institute.
-
New Malicious npm Packages Target Open-Source Systems with Sophisticated Attacks
Cybersecurity researchers warn of two malicious npm packages, ethers-provider2 and ethers-providerz, designed to alter legitimate installations, providing attackers enhanced access to developer systems. The novel methods underscore the growing sophistication of software supply chain threats.
-
Windows Zero-Day Exploit Traced to EncryptHub, Delivering Diverse Malware
EncryptHub is exploiting a critical zero-day vulnerability in Microsoft Windows, deploying a range of malware, including data stealers, as detailed by Trend Micro. This exploit takes advantage of the Microsoft Management Console’s functionality, posing significant risks to users.
