Cybernews

Got an AI agent on your computer? Assume a breach, security researcher warns

AI coding agents are highly vulnerable to zero-click attacks hidden in simple prompts on websites and repositories, a ...
SecurityWeek

Infostealer Malware Delivered in EmEditor Supply Chain Attack

The text and code editing tool EmEditor was targeted in a supply chain attack that resulted in the distribution of ...
iDrop News

Don’t Trust the Double-Click: This Mac Malware Was ‘Approved’ by Apple

A new version of the MacSync Stealer malware has been found masquerading as a legitimate, notarized app. It bypasses standard macOS security warnings to harvest credentials and crypto wallets.

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...
Cryptopolitan

User assets already stolen as new MacSync variant bypasses macOS security

The MacSync Stealer has transitioned from a ClickFix variant to a more sophisticated code-signed malware capable of bypassing traditional macOS ...

New SantaStealer malware is after your passwords and crypto

New SantaStealer malware reportedly threatens holiday shoppers with password theft. This Christmas-themed info-stealer ...
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage ...
The Hacker News

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

North Korean group Kimsuky uses QR code phishing sites posing as CJ Logistics to spread DocSwap Android malware with RAT ...
Cybernews

GhostPoster malware campaign exploits live Firefox extensions

Live GhostPoster malware campaign hides malicious JavaScript inside Firefox extension logos, infecting over 50,000 unsuspecting users.
OSTechNix

cron persistence linux malware

Cron persistence is a common Linux malware technique. Learn how it works, how to detect it, and how to remove malicious cron ...

SantaStealer stuffs credentials, crypto wallets into a brand new bag

A new, modular infostealer called SantaStealer, advertised on Telegram with a basic tier priced at $175 per month, promises to make criminals' Christmas dreams come true. It boasts that it can run ...