The XCSSET info-stealing malware is back, targeting macOS users and devs
A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in …
North Korean hackers spotted using ClickFix tactic to deliver malware
North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called …
Over 3 million Fortune 500 employee accounts compromised since 2022
More than three million employee-linked corporate accounts were compromised between 2022 and 2024 across Fortune 500 companies, according to Enzoic. This surge is fueled by …
Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the …
Crypto-stealing iOS, Android malware found on App Store, Google Play
A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate …
DeepSeek’s popularity exploited to push malicious packages via PyPI
Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they …
DeepSeek’s popularity exploited by malware peddlers, scammers
As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of …
Europeans targeted with new Tor-using backdoor and infostealers
A financially motivated threat actor has been targeting German and Polish-speaking users with info-stealing malware and TorNet, a previously undocumented .NET backdoor that …
Juniper enterprise routers backdoored via “magic packet” malware
A stealthy attack campaign turned Juniper enterprise-grade routers into entry points to corporate networks via the “J-magic” backdoor, which is loaded into the …
Defense strategies to counter escalating hybrid attacks
In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and …
China-aligned PlushDaemon APT compromises supply chain of Korean VPN
ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this …
FBI removed PlugX malware from U.S. computers
The Justice Department announced on Tuesday that, alongside international partners, the FBI deleted “PlugX” malware from thousands of infected computers worldwide. …