Please turn on your JavaScript for this page to function normally.
social engineering
TikTok videos + ClickFix tactic = Malware infection

Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. …

hand
Lumma Stealer Malware-as-a-Service operation disrupted

A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most …

trojan horse
Trojanized KeePass opens doors for ransomware attackers

A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set the stage for ransomware attacks, WithSecure …

Fake AI video
Fake AI platforms deliver malware diguised as video content

A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an …

ClickFix
The many variants of the ClickFix social engineering tactic

As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are …

Zoom
The Zoom attack you didn’t see coming

Did you know that when participating in a Zoom call, you can grant permission to other participants to control your computer remotely? While this feature may come in handy …

malicious package
Package hallucination: LLMs may deliver malicious code to careless devs

LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed …

malware
Beware fake AutoCAD, SketchUp sites dropping malware

Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer …

open source
Open-source malware doubles, data exfiltration attacks dominate

There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according …

Ivanti
CISA reveals new malware variant used on compromised Ivanti Connect Secure devices

CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who …

backdoor
RansomHub affiliate leverages multi-function Betruger backdoor

A RansomHub affiliate is leveraging a new multi-function backdoor dubbed Betruger to perform various actions during their attacks, Symantec researchers have discovered. The …

Biohazard
Stealthy StilachiRAT steals data, may enable lateral movement

While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools