JavaScript Malware Campaign Drops Crypto Clipper via PowerShell

A large-scale CountLoader campaign that uses layered obfuscation, multi-stage payload delivery, and covert command-and-control (C2) communication to deploy cryptocurrency clipper malware. The campaign stands out for its complex infection chain, combining JavaScript, PowerShell, and in-memory shellcode execution to evade detection…

New Infostealer Campaign Uses GitHub Releases for Payload Hosting and Evasion

itsecuritynews.info - 08/May 15:02

A newly discovered cyberespionage campaign is using a deceptively simple tactic to slip past security defenses: disguising malware as a humanitarian...

TrickMo Android banker adopts TON blockchain for covert comms

bleepingcomputer.com - 11/May 09:03

A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open...

TCLBANKER Malware Targets Users Through Self-Propagating WhatsApp and Outlook Worm Modules

itsecuritynews.info - 09/May 07:02

A highly sophisticated Brazilian banking trojan named TCLBANKER, tracked under the campaign REF3076, this malware represents a major update to the...

PureLogs: Delivery via PawsRunner Steganography

itsecuritynews.info - 15/May 16:03

FortiGuard Labs has analyzed a steganography-based malware campaign that uses PawsRunner to deliver the PureLogs infostealer, highlighting evolving...

New ZiChatBot Malware Uses Zulip REST APIs as Command and Control Server

itsecuritynews.info - 08/May 15:02

A newly discovered malware called ZiChatBot has been found quietly using the REST APIs of a legitimate team chat application called Zulip to receive...

ClickFix Evolves Using Decade-Old Open-Source Python SOCKS5 Proxy

itsecuritynews.info - 13/May 09:32

A newly observed ClickFix campaign is pushing beyond simple user-triggered infections, introducing a more persistent and stealthy intrusion chain...

Hackers Leveraged Hugging Face and ClawHub With 575+ Malicious Skills to Deploy Malware

itsecuritynews.info - 08/May 15:02

An active malware distribution campaign abusing two prominent AI platforms Hugging Face and ClawHub to deliver trojans, cryptominers, and infostealers...

New TCLBanker malware self-spreads over WhatsApp and Outlook

bleepingcomputer.com - 07/May 22:06

A new trojan named TCLBanker, which targets 59 banking, fintech, and cryptocurrency platforms, uses a trojanized MSI installer for Logitech AI Prompt...

Detecting and preventing crypto mining in your AWS environment

itsecuritynews.info - 13/May 22:07

This article guides you on how to use Amazon GuardDuty to identify and mitigate cryptocurrency mining threats in your Amazon Web Services (AWS)...

Hackers Abuse Google Ads and Claude.ai Shared Chats to Distribute macOS Malware

itsecuritynews.info - 11/May 10:32

Attackers are currently running a malvertising campaign that uses Google Ads and legitimate shared chats on Claude. Thank you for being a Ghacks...

Rubriques :

JavaScript Malware Campaign Drops Crypto Clipper via PowerShell

Articles similaires

New Infostealer Campaign Uses GitHub Releases for Payload Hosting and Evasion

TrickMo Android banker adopts TON blockchain for covert comms

TCLBANKER Malware Targets Users Through Self-Propagating WhatsApp and Outlook Worm Modules

PureLogs: Delivery via PawsRunner Steganography

New ZiChatBot Malware Uses Zulip REST APIs as Command and Control Server

ClickFix Evolves Using Decade-Old Open-Source Python SOCKS5 Proxy

Hackers Leveraged Hugging Face and ClawHub With 575+ Malicious Skills to Deploy Malware

New TCLBanker malware self-spreads over WhatsApp and Outlook

Detecting and preventing crypto mining in your AWS environment

Hackers Abuse Google Ads and Claude.ai Shared Chats to Distribute macOS Malware

Les derniers communiqués