Latest Malware news

Android 15, Google Play Protect get new anti-malware and anti-fraud features

Today, Google announced new security features coming to Android 15 and Google Play Protect that will help block scams, fraud, and malware apps on users' devices.
- Lawrence Abrams
- May 15, 2024
- 03:53 PM
- 0
Microsoft fixes Windows zero-day exploited in QakBot malware attacks

Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems.
- Sergiu Gatlan
- May 14, 2024
- 02:18 PM
- 0
Ebury botnet malware infected 400,000 Linux servers since 2009

A malware botnet known as 'Ebury' has infected almost 400,000 Linux servers since 2009, with roughly 100,000 still compromised as of late 2023.
- Bill Toulas
- May 14, 2024
- 12:31 PM
- 0
Poland says Russian military hackers target its govt networks

Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week.
- Sergiu Gatlan
- May 09, 2024
- 07:14 PM
- 1
Finland warns of Android malware attacks breaching bank accounts

Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
- Bill Toulas
- May 05, 2024
- 10:19 AM
- 0
New Cuttlefish malware infects routers to monitor traffic for credentials

A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.
- Bill Toulas
- May 01, 2024
- 09:00 AM
- 4
New Latrodectus malware attacks use Microsoft, Cloudflare themes

Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.
- Lawrence Abrams
- April 30, 2024
- 06:08 PM
- 0
Millions of Docker repos found pushing malware, phishing sites

Three large-scale campaigns have targeted Docker Hub users, planting millions of repositories designed to push malware and phishing sites since early 2021.
- Sergiu Gatlan
- April 30, 2024
- 01:32 PM
- 2
New Wpeeper Android malware hides behind hacked WordPress sites

A new Android backdoor malware named 'Wpeeper' has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party app store for Android devices with over 220 million downloads.
- Bill Toulas
- April 30, 2024
- 12:41 PM
- 0
Fake job interviews target developers with new Python backdoor

A new campaign tracked as "Dev Popper" is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT).
- Bill Toulas
- April 26, 2024
- 10:20 AM
- 2
Researchers sinkhole PlugX malware server with 2.5 million unique IPs

Researchers have sinkholed a command and control server for a variant of the PlugX malware and observed in six months more than 2.5 million connections from unique IP addresses.
- Bill Toulas
- April 25, 2024
- 03:20 PM
- 2
New Brokewell malware takes over Android devices, steals data

Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches.
- Bill Toulas
- April 25, 2024
- 06:00 AM
- 2
CoralRaider attacks use CDN cache to push info-stealer malware

A threat actor has been using a content delivery network cache to store information-stealing malware in an ongoing campaign targeting systems U.S., the U.K., Germany, and Japan.
- Bill Toulas
- April 23, 2024
- 05:27 PM
- 0
Hackers hijack antivirus updates to drop GuptiMiner malware

North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware.
- Bill Toulas
- April 23, 2024
- 10:56 AM
- 0
GitLab affected by GitHub-style CDN flaw allowing malware hosting

BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. It turns out, GitLab is also affected by this issue and could be abused in a similar fashion.
- Ax Sharma
- April 22, 2024
- 11:05 AM
- 0
Malware dev lures child exploiters into honeytrap to extort them

You rarely root for a cybercriminal, but a new malware campaign targeting child exploiters doesn't make you feel bad for the victims.
- Lawrence Abrams
- April 21, 2024
- 02:49 PM
- 2
GitHub comments abused to push malware via Microsoft repo URLs

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy.
- Lawrence Abrams
- April 20, 2024
- 10:14 AM
- 1
Fake cheat lures gamers into spreading infostealer malware

A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too.
- Bill Toulas
- April 18, 2024
- 08:46 PM
- 0
SoumniBot malware exploits Android bugs to evade detection

A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure.
- Bill Toulas
- April 17, 2024
- 05:38 PM
- 0
Moldovan charged for operating botnet used to push ransomware

The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States.
- Sergiu Gatlan
- April 17, 2024
- 02:53 PM
- 0