Windows version of SprySOCKS Linux malware used to attack govt orgs
Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. [.
20 articles
Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. [.
ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced stealthiness
The attackers, identified as UNC6508, likely exploited older, vulnerable versions of REDCap to gain initial access, although the exact method remains undeter...
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive r...
The Argamal malware is distributed through adult game websites, file-sharing platforms, and torrent trackers.
Over 50 Android apps on official stores spread MagicAd trojan, using system tricks to force background ads even after infected apps are closed.
Deep learning systems on phones, cars, and other edge devices increasingly run on custom silicon. Specialized chips such as FPGAs and ASICs give these system...
Kaspersky found Argamal malware hidden in hentai game installers, giving hackers remote access through working games shared on adult sites and torrents.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Iron...
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any...
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any...
More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. [.
Authorities seize crypto-laundering network and fake recruitment sites, JDY botnet targets U.S.
The issue affects patch files for Desigo CC versions 7 through 9.
A rapidly developing software supply chain attack known as Miasma is one of the latest to move from targeting Red Hat npm packages to infecting numerous Micr...
OnyxC2 is a MaaS stealer targeting 210+ apps, using DLL sideloading, encrypted payloads, and remote access features to evade detection.
OnyxC2 is a MaaS stealer targeting 210+ apps, using DLL sideloading, encrypted payloads, and remote access features to evade detection.
Fake AI guides hide a multi-stage chain that drops AsyncRAT, with signs of AI-assisted coding
Hackers are using fake Claude Code guide and AI PDFs to spread AsyncRAT malware via Windows attack using PowerShell and Defender exclusions.
GoFlateLoader, a widespread Golang loader that has become a go-to delivery mechanism for multiple infostealers including Lumma, Vidar, StealC, Amatera and Re...