New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages

The BoryptGrab campaign uses fake SEO‑optimized GitHub repositories and deceptive download pages to distribute a data‑stealing malware family that delivers multiple payloads, including a reverse SSH backdoor, to Windows users...

Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware

Detect and mitigate a critical supply chain compromise affecting over 100+ packages, organizations should act urgently...

Banana Squad Hides Data-Stealing Malware in Fake GitHub Repositories

Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data...

CVE-2025-40675

CVE-2025-40675 is a reflected XSS vulnerability reported in Bagisto v2.0.0. The issue arises from the use of the URL parameter query in the /search endpoint, enabling an attacker to inject and execute arbitrary JavaScript in a victim’s browser. The impact described across sources includes potenti...

MAL-2025-45 Malicious code in solana-login (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

New Data-Stealing Poco RAT Campaign Targeting Spanish Speakers

New Poco RAT Malware Targets Spanish Speakers Through Emails! Disguised as financial documents, Poco RAT steals your info…...

Indian Software Firm's Products Hacked to Spread Data-Stealing Malware

Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply...

‘Operation Endgame’ Hits Malware Delivery Platforms

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the international effort...

New 'Brokewell' Android Malware Spread Through Fake Browser Updates

Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm ThreatFabric said in an analysis...

91,000 Smart LG TV Devices Vulnerable to Remote Takeover

By Waqas LG TVs vulnerable! Update now to block hackers from taking control & stealing data webOS 4-7. Millions at risk! This is a post from HackRead.com Read the original post: 91,000 Smart LG TV Devices Vulnerable to Remote Takeover...

Predator spyware vendor banned in US

The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US. Predator can turn infected smartphones into surveillance devices. Intellexa is based in Greece but the Treasury Department imposed the sanctions because of...

Food Ordering System SQL Injection Vulnerability

Food Ordering System is a food ordering system. A SQL injection vulnerability exists in Food Ordering System v1.0 due to a lack of validation of the id parameter against externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitiv...

Data Stealing Malware Discovered in Popular Android Screen Recorder App

Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app APK package name "com.tsoft.app.iscreenrecorder", which accrued...

Malicious code in esqproofinthydra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c0b148ee8917d957ac46b8f1bac8c09d1c45f4cae65b190d419b884935114705 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in libcvproofstr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a6c43c3b8b8d86024534eb313df227470f957038de0e25386f6dca717056131b EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqhttppywinfo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 17a97dbba753e2b4e6608b309b109f1faf4d4b525cd1cadf260fda3311a78300 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqvisastred (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 38da1704b225a9e7e330990b5c052419bf41e5d10da15b756799e741b912d299 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqgameultracandy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d0bac76bc61b569c5a85f88160c1a12af9c1e468233731deaa2befebfc449b50 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selfproofhttpsplit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 39a979d181de2bdff130e081a259a1b5b5e5b1ebdc0704cd341e34a79843a9ef EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in libloadurlrand (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx fa51c802a5b0b7c780052b75a8e00adc071dc07ae38bc911bf45f0160faf8dbc EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...