Lucene search
K

10 matches found

Malwarebytes
Malwarebytes
added 2026/03/16 5:15 p.m.7 views

Hacked sites deliver Vidar infostealer to Windows users

In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead of exploiting a technical vulnerability, these attacks rely on convincing people to run malicious commands themselves. Our researchers have recently detected a campaig...

6AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/03/10 12:0 a.m.4 views

Through the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress Sites

Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/16 2:52 p.m.14 views

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic AMOS, Lumma, Rhadamanthys aka RADTHIEF, and Vidar, targeting both Windows and Apple macOS systems. "UNC5142 is...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/31 8:59 p.m.27 views

Nitrogen shelling malware from hacked sites

Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. Its signature move is using Python and DLL side-loading to connect to the attackers command and control server. In this blog post, we look at a recent Nitrogen campaign and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/09 10:38 a.m.3 views

Gootkit Malware Adopts New Tactics to Attack Healthcare and Finance Firms

The Gootkit malware is prominently going after healthcare and finance organizations in the U.S., U.K., and Australia, according to new findings from Cybereason. The cybersecurity firm said it investigated a Gootkit incident in December 2022 that adopted a new method of deployment, with the actors...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/29 8:1 a.m.29 views

Ukraine government and pro-Ukrainian sites hit by DDoS attacks

The Computer Emergency Response Team in Ukraine CERT-UA has announced that Ukraine government web portals and pro-Ukraine sites are subjected to ongoing DDoS distributed denial of service attacks. They dont currently know who is behind these attacks. The attack involves injecting a malicious...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2021/11/18 2:0 p.m.23 views

Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials

A long-term spear-phishing campaign is targeting employees of major corporations with emails containing PDFs that link to short-lived Glitch apps hosting credential-harvesting SharePoint phishing pages, researchers have found. Researchers from DomainTools discovered the suspicious PDFs – which...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/08/13 1:31 p.m.101 views

WordPress Sites Abused in Aggah Spear-Phishing Campaign

Threat actors are using compromised WordPress websites to target manufacturers across Asia with a new spear-phishing campaign that delivers the Warzone RAT, a commodity infostealer available widely for purchase on criminal forums, researchers have found. The threat group Aggah, believed to be...

7.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2012/06/07 4:27 p.m.53 views

Fake Automated Craigslist Email Notifications Link to Blackhole Exploit Kit

UPDATE: A big wave of emails purporting to be Craigslist notifications but containing links to websites hosting the Black Hole exploit kit hit the Internet yesterday, a day that already was filled with drama surrounding the LinkedIn password dump. The malicious emails, 150,000 of which were caugh...

9.3CVSS8AI score0.88246EPSS
Exploits23References4
ThreatPost
ThreatPost
added 2012/04/19 6:15 p.m.13 views

Analysis: Flashback Spread Via Social Engineering, Then Java Exploits

Kaspersky Lab‘s latest analysis of the Mac OS X Flashback botnet reveals that the botnet’s malware was spread via drive-by downloads on hacked WordPress web sites. From September 2011 until February 2012, the Flashback creators distributed the trojan through compromised WordPress sites that...

2.5AI score
Exploits0References2
Rows per page
Query Builder