Lucene search
K

230 matches found

The Hacker News
The Hacker News
added 2026/03/19 9:14 a.m.8 views

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November 2025, according to reports from Google Threat Intelligence Group GTIG, iVerify, and Lookout. According to GTIG, multiple commercial surveillance vendors...

8.8CVSS7.9AI score0.22359EPSS
Exploits16
The Hacker News
The Hacker News
added 2026/03/12 7:56 a.m.6 views

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution , TaxiSpy RAT , BeatBanker , Mirax , an...

6AI score
Exploits0
HackRead
HackRead
added 2026/03/09 5:31 p.m.15 views

Fake CleanMyMac Site Uses ClickFix Trick to Install SHub Stealer on macOS

Researchers warn of a fake CleanMyMac site using a ClickFix attack to install SHub Stealer on macOS and steal passwords and crypto wallets...

5.6AI score
Exploits0
HackRead
HackRead
added 2026/02/21 6:20 p.m.2 views

New ClickFix Attack Targets Crypto Wallets and 25+ Browsers with Infostealer

Researchers at CyberProof have identified a new fake captcha campaign linked to the ClickFix operation. This stealthy infostealer targets over 25 browsers, cryptocurrency wallets like MetaMask, and gaming accounts by tricking users into executing malicious PowerShell commands...

5.6AI score
Exploits0
HackRead
HackRead
added 2026/01/23 9:58 p.m.8 views

149M Logins from Roblox, TikTok, Netflix, Crypto Wallets Found Online

Another day, another trove of login credentials in plain text found online...

5.4AI score
Exploits0
HackRead
HackRead
added 2025/12/17 6:13 p.m.7 views

14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data

ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data...

7AI score
Exploits0
Snyk
Snyk
added 2025/11/30 1:14 p.m.4 views

Malicious Package

Overview logify-pino is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Once...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.2 views

Malicious Package

Overview react-resizable-text is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.2 views

Malicious Package

Overview json-panels is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Once...

9.8CVSS7.2AI score
Exploits0References3
HackRead
HackRead
added 2025/11/26 11:14 a.m.4 views

Fake Battlefield 6 Downloads Are Spreading Malware, Stealing Player Data

Bitdefender Labs found fake Battlefield 6 pirated copies and trainers spreading aggressive malware, C2 agents, and infostealers, designed to steal player data and crypto-wallets...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/19 5:55 a.m.7 views

Malicious code in cline-ai-main.cline-ai-agent (VSCode)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 04aeefbf39e1e9157280b91899a141e4f4c6619d434c594e4a2d3bf43883dbe6 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/19 5:55 a.m.6 views

Malicious code in srcery-colors.srcery-colors (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 2249e8ad553f2a774e7f7e3418d19c033832fcdd1253c29e8bdb92427cb55644 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

7AI score
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-37410

Malicious code in bioql PyPI...

9.6CVSS9.2AI score0.01017EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/09/15 9:21 p.m.7 views

[email protected] contains malware after npm account takeover

Impact On 8 September 2025, the npm publishing account for backslash was taken over after a phishing attack. Version 0.2.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

8.8CVSS6.6AI score0.00378EPSS
Exploits0References7Affected Software1
HackRead
HackRead
added 2025/08/20 11:22 a.m.5 views

AI Website Builder Lovable Abused for Phishing and Malware Scams

Scammers have been spotted abusing AI site builder Lovable to mimic trusted brands, steal credentials, drain crypto wallets,…...

7.3AI score
Exploits0
HackRead
HackRead
added 2025/08/08 11:32 a.m.3 views

GreedyBear: 40 Fake Crypto Wallet Extensions Found on Firefox Marketplace

A new, coordinated cybercrime campaign called "GreedyBear" has stolen over $1 million from crypto users. Learn how the group uses malicious extensions, malware, and fake websites in an industrial-scale attack uncovered by Koi Security...

7.3AI score
Exploits0
HackRead
HackRead
added 2025/07/24 9:56 p.m.7 views

Scavenger Trojan Targets Crypto Wallets via Game Mods and Browser Flaws

New Scavenger Trojan steals crypto wallet data using fake game mods and browser flaws, targeting MetaMask, Exodus, Bitwarden, and other popular apps...

7.4AI score
Exploits0
HackRead
HackRead
added 2025/06/26 11:36 p.m.7 views

How an Email, Crypto Wallet and YouTube Activity Led the FBI to IntelBroker

FBI tracked IntelBroker as UK’s Kai West using an email address, crypto trails, YouTube activity and forum posts after dozens of high-profile data breaches and darknet activity...

7.4AI score
Exploits0
OSV
OSV
added 2025/05/27 5:53 a.m.3 views

MAL-2025-191728 Malicious code in fernets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 95fc75ed8a4cfcccc988b2241772effbc15eb3700a6a96f3183981a1b4c7fba7 If imported, the module starts a multi-stage infostealer, exfiltrating browser data as well as crypto wallets, and also attempts to monitor clipboard looking f...

6.8AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/27 12:0 a.m.4 views

Lazarus Group Targets Crypto-Wallets and Financial Data While Employing New Tradecrafts

This report presents a comprehensive analysis of a malicious software sample, detailing its architecture, behavioral characteristics, and underlying intent. Through static and dynamic examination, the malware core functionalities, including persistence mechanisms, command-and-control communicatio...

6.9AI score
Exploits0
Rows per page
Query Builder