- The Hacker News
Cybersecurity researchers have discovered a previously unknown dropper designed to deliver next-stage malware, ultimately aiming to infect Windows systems with information stealers and loaders.
- The Hacker News
According to the U.S. government, threat actors associated with the RansomHub ransomware group have encrypted and stolen data from over 210 victims since the group's emergence in February 2024.
These victims come from a range of sectors, including water and wastewater systems, information technology, government services, healthcare, emergency services, food and agriculture, financial services, commercial facilities, critical manufacturing, transportation, and communications infrastructure.
- BleepingComputer
An open-source Android malware named 'Rafel RAT' is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram.
Researchers Antonis Terefos and Bohdan Melnykov at Check Point report detecting over 120 campaigns using the Rafel RAT malware.
Known threat actors conduct some of these campaigns, like APT-C-35 (DoNot Team), while in other cases, Iran and Pakistan were determined as the origins of the malicious activity.
- BleepingComputer
The RansomHub ransomware operation is using a Linux encryptor designed specifically to encrypt VMware ESXi environments in corporate attacks.
RansomHub is a ransomware-as-a-service (RaaS) operation launched in February 2024, featuring code overlaps and member associations with ALPHV/BlackCat and Knight ransomware, having claimed over 45 victims across 18 countries.
- BleepingComputer
A new phishing kit has been released that allows red teamers and cybercriminals to create progressive web apps (PWAs) that display convincing corporate login forms to steal credentials.
A PWA is a web-based app created using HTML, CSS, and JavaScript that can be installed from a website like a regular desktop application. Once installed, the operating system will create a PWA shortcut and add it to Add or Remove Programs in Windows and under the /Users/<account>/Applications/ folder in macOS.
When launched, a progressive web app will run in the browser you installed it from but be displayed as a desktop application with all the standard browser controls hidden.
Many websites use a PWA to offer a desktop app experience, including X, Instagram, Facebook, and TikTok.
- New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems
- Google Warns of Actively Exploited Pixel Firmware Zero-Day
- Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
- Microsoft Warns of "Dirty Stream" Attack Impacting Android Apps
- From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware