Tag: malware
697 articles

Hackers Exploit ChatGPT Features in Malware Phishing Campaigns
Attackers are abusing ChatGPT's code-rendering feature to build convincing phishing pages that lure victims into downloading malware. Because the pages are served from ChatGPT's own domains, they inherit that domain's reputation and slip past filters that would block a freshly registered attacker domain.

Threat Actors Exploit ChatGPT Sharing Feature to Deliver Malware
Threat actors are abusing ChatGPT's sharing feature to distribute malware: shared conversations carry a convincing fake outage notice that steers users to download a malicious desktop application, and hijacked Google ads push traffic to the lure.

Reaper Stealer Targets macOS Users with Password, Wallet Theft and Backdoor Attacks
Reaper Stealer is an infostealer targeting macOS that harvests saved passwords and cryptocurrency wallets and installs a backdoor for persistent access, combining credential theft, wallet theft and remote control in one infection. Apple platforms and the teams defending them are squarely in scope.

INTERPOL Disrupts Cybercrime Networks with 'Operation Ramz' Arrests
INTERPOL's Operation Ramz led to more than 200 arrests and identified 382 suspects across 13 countries in the Middle East and North Africa, disrupting phishing, malware and online fraud networks operating in the region. Investigators seized 53 servers and assembled nearly 8,000 intelligence packages tied to more than 3,800 victims.

Node-ipc Package Infected with Credential-Stealing Malware
A malicious update to the widely used node-ipc library pushed credential-stealing malware into thousands of projects, a direct supply-chain risk for developer workstations and CI runners, where it can reach the tokens and secrets present in the environment. With over 690,000 weekly downloads, a single poisoned release propagates to every install that does not pin a known-good version; check lockfiles for which version was actually resolved and rotate any credentials exposed on affected hosts.

Banking Trojan Targets Crypto Firms with Sophisticated Attacks
A new banking Trojan, dubbed TCLBanker, is hitting crypto and finance platforms, giving its operators remote control of infected systems and the ability to steal sensitive information. The campaign is attributed to North Korea's Lazarus Group and is linked to the largest crypto platform hack of 2026.

Malware Infects Hundreds of Open-Source Packages in Supply-Chain Attack
A large supply-chain attack dubbed "mini Shai-Hulud" has pushed credential-stealing malware into hundreds of open-source packages, including TanStack's React Router, which alone sees over 12 million weekly downloads. Because the code ships inside libraries developers install routinely, every build that resolves an affected version is exposed.

Security Teams Overlook AI-Enabled Threats in Cloud Risk Management
AI-enabled attackers are launching faster and more sophisticated attacks on cloud and hybrid environments than many security teams' risk models assume. AI-driven phishing, malware and credential compromise belong in cloud risk assessments as first-class threats, not as an afterthought.

DAEMON Tools Breach Exposes Thousands to Malware
A breach at DAEMON Tools exposed thousands of users to malware. The company has secured its infrastructure and released a clean build: version 12.6 of DAEMON Tools Lite is confirmed safe, and users of paid versions can continue using their software as usual.

Malware Worms Into SAP, Intercom and Lightning Developer Tools
On April 29 attackers hit SAP's JavaScript and cloud application development ecosystem, publishing poisoned versions of four widely used npm packages that together receive 572,000 weekly downloads: mbt, @cap-js/db-service, @cap-js/postgres and @cap-js/sqlite. The malicious versions were live for a window of only about two hours, so the exposure question is whether any install or CI run resolved those packages during that window; lockfiles and build logs answer it.

ZionSiphon Malware Infiltrates Water Infrastructure Systems
ZionSiphon is malware built for water infrastructure: beyond stealing data, it carries scanning and sabotage capabilities that let it map operational-technology water systems and disrupt them, a direct threat to public safety rather than only to confidentiality.

Malware Targets Water Treatment Systems with Sabotage Capabilities
ZionSiphon is a new class of malware designed to sabotage water treatment systems by stopping the flow of water, a threat aimed at the operational technology in these environments. It is purpose-built to disrupt rather than to spy or steal, a different risk from the data-theft malware the sector is used to defending against.

n8n Workflow Automation Platform Exploited to Deliver Malware via Phishing Emails
Threat actors have been abusing the n8n workflow automation platform to deliver malware through phishing emails since at least October 2025. Because the links and payloads come from a legitimate, widely trusted service, reputation-based defenses that would catch attacker-owned infrastructure let them through, turning a productivity tool into a delivery channel.

Adware Operation Neutralizes Antivirus on 23,000 Hosts via Signed Updates
An adware operation used signed software updates to push payloads that disabled antivirus protection on some 23,000 hosts. Because the updates carried valid signatures, the trust normally placed in signed code worked in the attackers' favour; a valid signature proves who signed a file, not that the file is benign.

Malware Delivers ClipBanker Through Sophisticated Infection Chain
A Trojan distributed as a fake Proxifier installer uses a multi-stage infection chain to deliver ClipBanker, a clipboard hijacker. Once resident, it watches the clipboard for cryptocurrency wallet addresses and silently replaces a copied address with an attacker-controlled one, so funds go to the attacker unless the user re-checks the address before sending.
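The following monitor is an added example for the ClipBanker entry above; it is not code from the article or from the malware itself. A clipper of this kind polls the clipboard and, when the content looks like a wallet address, overwrites it with the attacker's. The monitor models detection from the defender's side: it takes a timeline of clipboard snapshots (a real deployment would poll the OS clipboard and hook the user's copy action; the events here are constructed), classifies address-like strings, and reports any poll in which an address was replaced by a different address of the same kind with no user copy in between. The address regexes and the latency field are assumptions for this example, not anything the article describes.

```javascript
// Address formats a clipper typically targets (regexes constructed for this
// example; a production monitor would also validate checksums).
const ADDRESS_PATTERNS = {
  "btc-legacy": /^[13][a-km-zA-HJ-NP-Z1-9]{25,34}$/,
  "btc-bech32": /^bc1[ac-hj-np-z02-9]{11,71}$/,
  "eth": /^0x[0-9a-fA-F]{40}$/,
};

// Return the address kind a clipboard string looks like, or null.
function classifyAddress(text) {
  const s = String(text).trim();
  for (const [kind, re] of Object.entries(ADDRESS_PATTERNS)) {
    if (re.test(s)) return kind;
  }
  return null;
}

// events: clipboard snapshots in time order, {t: ms, text, userCopy}.
// userCopy=true is a snapshot taken right after the user's own copy (e.g. from
// a Ctrl+C hook); false is a periodic poll. A swap is a poll that shows an
// address of the same kind as the previous snapshot but a different value,
// with no user copy to explain the change.
function detectSwaps(events) {
  const alerts = [];
  let prev = null;
  for (const ev of events) {
    const kind = classifyAddress(ev.text);
    if (prev && !ev.userCopy && kind !== null && prev.kind === kind && prev.text !== ev.text) {
      alerts.push({ t: ev.t, kind, expected: prev.text, found: ev.text, latencyMs: ev.t - prev.t });
    }
    prev = { t: ev.t, text: ev.text, kind };
  }
  return alerts;
}

// Constructed timeline: the user copies an ETH address; a later poll sees a
// different ETH address nobody copied (the clipper's swap). Afterwards the
// user copies two different BTC addresses in a row, which is legitimate.
const SAMPLE_EVENTS = [
  { t: 0,    text: "0x" + "a".repeat(40), userCopy: true },
  { t: 250,  text: "0x" + "a".repeat(40), userCopy: false },
  { t: 500,  text: "0x" + "b".repeat(40), userCopy: false },
  { t: 750,  text: "0x" + "b".repeat(40), userCopy: false },
  { t: 9000, text: "1" + "Ab".repeat(16), userCopy: true },
  { t: 9300, text: "3" + "Cd".repeat(16), userCopy: true },
];

if (typeof require !== "undefined" && require.main === module) {
  for (const a of detectSwaps(SAMPLE_EVENTS)) {
    console.log(`clipboard swap at t=${a.t}ms (${a.kind}): copied ${a.expected}, now ${a.found}`);
  }
}
```

The user-copy gate is what keeps the check from firing on legitimate behaviour: copying two addresses in succession is normal, an address changing while the user did nothing is not. The latency between the copy and the swapped poll is worth recording, since a clipper that polls every few hundred milliseconds leaves a characteristic short gap.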

Unit 42 Uncovers Axios Supply Chain Attack's Far-Reaching Consequences
Unit 42's analysis of the Axios supply chain attack lays out the full chain, from the initial dropper to the attacker's forensic cleanup, and shows how far a compromise of a trusted software distribution path can reach. The case underlines that a single widely used dependency is a trust boundary for everything that pulls it in.
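The scanner below is an added example serving the supply-chain entries on this page (node-ipc, the "mini Shai-Hulud" packages, the SAP @cap-js packages and mbt, and Axios); it is not code from any of those articles, advisories or projects. It walks an npm package-lock.json (lockfileVersion 2 or 3), reports any package an advisory names together with the exact version that was resolved and where in the tree it sits (direct or transitive), and flags entries whose "resolved" URL is not the expected registry or that lack an "integrity" hash. The package names in ADVISORY come from the entries above; the version strings are hypothetical placeholders that must be replaced with the real advisory's values, and the sample lockfile is constructed.

```javascript
// HYPOTHETICAL advisory data: package name -> exact versions called malicious.
// Names are taken from the entries above; the versions are placeholders.
const ADVISORY = {
  "node-ipc": ["0.0.1-hypothetical"],
  "mbt": ["0.0.1-hypothetical"],
  "@cap-js/db-service": ["0.0.1-hypothetical"],
  "@cap-js/postgres": ["0.0.1-hypothetical"],
  "@cap-js/sqlite": ["0.0.1-hypothetical"],
  "axios": ["0.0.1-hypothetical"],
};

// Registry every "resolved" URL is expected to point at (assumption: the
// project installs from the public npm registry, not a private mirror).
const TRUSTED_REGISTRY = "https://registry.npmjs.org/";

// Package name from a lockfile key: "node_modules/a/node_modules/@s/b" -> "@s/b".
function nameFromKey(key) {
  const marker = "node_modules/";
  const idx = key.lastIndexOf(marker);
  return idx === -1 ? key : key.slice(idx + marker.length);
}

// Walk the "packages" map of a lockfileVersion 2/3 package-lock.json and
// return one finding per entry that deserves a look.
function scanLockfile(lock, advisory = ADVISORY) {
  if (!lock.packages) throw new Error("lockfileVersion 2 or 3 required (no packages map)");
  const root = lock.packages[""] || {};
  const direct = new Set([
    ...Object.keys(root.dependencies || {}),
    ...Object.keys(root.devDependencies || {}),
  ]);
  const findings = [];
  for (const [key, entry] of Object.entries(lock.packages)) {
    if (key === "" || entry.link) continue; // skip the root and workspace links
    const name = nameFromKey(key);
    const reasons = [];
    if (advisory[name]) {
      reasons.push(advisory[name].includes(entry.version)
        ? "installed version is listed as malicious"
        : "package named in advisory (installed version not in affected list)");
    }
    if (entry.resolved && !entry.resolved.startsWith(TRUSTED_REGISTRY)) {
      reasons.push(`resolved outside trusted registry: ${entry.resolved}`);
    }
    if (!entry.integrity) reasons.push("no integrity hash to verify the tarball against");
    if (reasons.length) {
      findings.push({ name, version: entry.version, path: key, direct: direct.has(name), reasons });
    }
  }
  return findings;
}

// Constructed sample lockfile (not a real project) that exercises each check.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "axios": "^1.6.0", "@cap-js/sqlite": "*" }, devDependencies: { "some-tool": "^2.0.0" } },
    "node_modules/axios": { version: "1.6.0", resolved: "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", integrity: "sha512-constructed" },
    "node_modules/@cap-js/sqlite": { version: "0.0.1-hypothetical", resolved: "https://registry.npmjs.org/@cap-js/sqlite/-/sqlite-0.0.1-hypothetical.tgz", integrity: "sha512-constructed" },
    "node_modules/some-tool": { version: "2.0.0", resolved: "https://registry.npmjs.org/some-tool/-/some-tool-2.0.0.tgz", integrity: "sha512-constructed" },
    "node_modules/some-tool/node_modules/node-ipc": { version: "0.0.1-hypothetical", resolved: "https://mirror.example.invalid/node-ipc-0.0.1.tgz" },
  },
};

if (typeof require !== "undefined" && require.main === module) {
  // Usage: node scan-lock.js [path/to/package-lock.json]; defaults to the sample.
  const lock = process.argv[2]
    ? JSON.parse(require("node:fs").readFileSync(process.argv[2], "utf8"))
    : SAMPLE_LOCK;
  for (const f of scanLockfile(lock)) {
    console.log(`${f.direct ? "DIRECT    " : "TRANSITIVE"} ${f.name}@${f.version} (${f.path}): ${f.reasons.join("; ")}`);
  }
}
```

The transitive case matters most: a poisoned package pulled in two levels down by a build tool never appears in package.json, and the nested lockfile key is the only place it shows up. Run this across every lockfile in CI rather than only the repository root, since workspace packages and tooling directories carry their own.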

VMware vSphere Ecosystem Targeted by BRICKSTORM Malware Attacks
BRICKSTORM malware targets the VMware vSphere ecosystem, establishing persistence at the virtualization layer beneath the guest operating systems. Endpoint tools running inside those guests never see it, so an adversary can operate undetected while the infrastructure hosting the virtual machines is compromised.

Akira Ransomware Group Accelerates Attacks, Hits Encryption in Under an Hour
The Akira ransomware group has compressed its attacks, going from initial foothold to file encryption in under an hour. That leaves defenders almost no window to detect and contain an intrusion before data is locked, and pushes victims toward paying.

Microsoft Uncovers Storm-1175's Medusa Ransomware Link
Microsoft has published a report linking Storm-1175, a known threat actor, to high-velocity Medusa ransomware attacks that exploit flaws in networked systems. Anyone building, defending or relying on such systems should treat Medusa as an active threat and stay vigilant.

Credential Theft Evolves, Outpaces Breach Monitoring Defenses
Infostealers harvest credentials at scale and often bypass traditional defenses, so the keys to an organization's accounts can be copied long before anyone notices. Breach monitoring alone cannot keep pace: by the time a stolen credential surfaces in a dump, it may already have been used.

Ransomware Attacks Evolve to Exploit Stolen Data for Double Extortion
Ransomware operators now pair encryption with extortion over stolen data: they threaten to publish sensitive information unless the ransom is paid, so restoring from backup no longer settles the matter. This double extortion forces victims to weigh the cost of a public data breach against the cost of paying.

Storm Infostealer Decrypts Credentials to Evade Detection
Storm is a new infostealer that sends stolen credential stores off the victim's machine and decrypts them remotely rather than on the host. The local decryption calls that endpoint defenses watch for never run, so the theft raises no local alarm and the recovered passwords are usable immediately.

Akira Ransomware Executes Attacks in Under 60 Minutes
Akira ransomware can now carry out a full attack in under 60 minutes, leaving organizations a very narrow window to detect and respond. At that speed detection and containment must be largely automated; an alert that waits hours for an analyst arrives after encryption has finished.

Bugs Chain Into Massive Backdoors, Threats Multiply
The latest ThreatsDay Bulletin shows how small flaws chain into large backdoors, and the list of active problems demanding attention keeps growing.