17 matches found
Malicious code in marked-cs (npm)
This package deploys Windows gh0strat malware via VBScript --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 82f49714fc5f2d734162fbcc4c7c4552ec6d6e89b81109ba8652c3d057686022 Any computer that has this package installed or running should be considered fully compromised...
MAL-2025-70 Malicious code in marked-ps (npm)
This package deploys Windows gh0strat malware via VBScript. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c33f4820622bde56fc1bf9394cd1a6d5af92c7099d9fc2ed247a512cfc480372 Any computer that has this package installed or running should be considered fully compromise...
MAL-2025-69 Malicious code in marked-cs (npm)
This package deploys Windows gh0strat malware via VBScript --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 82f49714fc5f2d734162fbcc4c7c4552ec6d6e89b81109ba8652c3d057686022 Any computer that has this package installed or running should be considered fully compromised...
Malicious code in marked-ps (npm)
This package deploys Windows gh0strat malware via VBScript. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c33f4820622bde56fc1bf9394cd1a6d5af92c7099d9fc2ed247a512cfc480372 Any computer that has this package installed or running should be considered fully compromise...
Threat Round up for December 9 to December 16
Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Dec. 9 and Dec. 16. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...
Threat Roundup for January 31 to February 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 31 and Feb. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for November 29 to December 6
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 29 and Dec. 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for September 13 to September 20
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 13 and Sept. 20. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...
Threat Roundup for September 6 to September 13
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 6 and Sept. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristic...
Threat Roundup for July 19 to July 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 19 and July 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for July 12 to July 19
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 12 and July 19. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Cyber Espionage Group Targets Asian Countries With Bitcoin Mining Malware
Security researchers have discovered a custom-built piece of malware that's wreaking havoc in Asia for past several months and is capable of performing nasty tasks, like password stealing, bitcoin mining, and providing hackers complete remote access to compromised systems. Dubbed Operation PZChao...
APT Threat Targets Tibetans, Journalists and Human Rights Workers
Tibetans, journalists and human rights workers in Hong Kong and Taiwan have been targeted in an APT campaign that makes use of Microsoft Rich Text File RTF documents to compromise computers. Researchers say it’s a new strategy by attackers in an ongoing advanced persistent threat that dates back ...
New IE Zero Day Found Targeting Military Intelligence
Attackers were able to compromise the U.S. Veterans of Foreign Wars’ website this week and serve up a previously unknown zero day exploit in Internet Explorer 10, and while motivation behind the campaign is still unclear, experts are speculating its aim was to procure military intelligence...
Malware More Globally Distributed, Still Made in China
In an attempt to better evade detection, cybercriminals are increasingly configuring their command and control infrastructure in such a way that initial malware callbacks communicate with a server located in the same country as the newly infected machines. This emerging trend is among the vast an...
New Backdoor DDoS Malware Co-Existing on Gh0stRAT-Infected Machines
Gh0st RAT has a new roommate. A new backdoor called ADDNEW has been discovered on machines infected with the Gh0st remote access Trojan, adding new distributed denial of service attack capabilities, as well as a feature that targets passwords and credentials stored on the Firefox browser. Gh0st R...
Chinese Trojans Gh0stRAT used to attack pro-Tibet organisations
Chinese Trojans Gh0stRAT used to attack pro-Tibet organisations AlienVault has discovered a range of spear phishing attacks taking place against a number of Tibetan organizations apparently from Chinese attackers. The security firm believes that the attacks are originating from the same Chinese...