Lucene search
K

76 matches found

The Hacker News
The Hacker News
added 4 days ago6 views

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. "Armored Likho blends financially motivated campaigns targeting private individuals with targeted...

7.8CVSS7.7AI score0.63102EPSS
Exploits3
The Hacker News
The Hacker News
added 2026/06/16 5:41 p.m.15 views

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader , Lorem Ipsum Loader , and Potemkin , per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks involving BabaDeda Loader, observed in April...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/03 1:18 p.m.9 views

Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management RMM software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least June 2025 according t...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/16 2:52 p.m.14 views

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic AMOS, Lumma, Rhadamanthys aka RADTHIEF, and Vidar, targeting both Windows and Apple macOS systems. "UNC5142 is...

6.9AI score
Exploits0
HackRead
HackRead
added 2025/10/09 1:11 p.m.6 views

Your Shipment Notification is Now a Malware Dropper

Forcepoint X-Labs reports a surge in sophisticated email attacks using obfuscated JavaScript and steganography to deliver dangerous RATs and info-stealers like Formbook and Agent Tesla. Learn how to defend against the threat...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/07/25 4:41 p.m.6 views

Steam games abused to deliver malware once again

A cybercriminal known as EncryptHub aka Larva-208 has reportedly abused the online game platform Steam to distribute information stealers. EncryptHub managed to sneak malicious files into the Chemia game files hosted on Steam. Chemia is an adventurous survival type of game that puts the player in...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/24 3:13 p.m.15 views

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing

Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans RATs. The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub...

7.4AI score
Exploits0
HackRead
HackRead
added 2025/06/05 12:2 p.m.7 views

ClickFix Email Scam Alert: Fake Booking.com Emails Deliver Malware

Cofense Intelligence uncovers a surge in ClickFix email scams impersonating Booking.com, delivering RATs and info-stealers. Learn how these…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/05 3:50 p.m.51 views

Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws

A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a "conflicted" individual straddling a legitimate career in cybersecurity and pursuing cybercrime. In a new extensive...

7.8CVSS8.5AI score0.31894EPSS
Exploits28
Microsoft Secure
Microsoft Secure
added 2025/03/06 5:0 p.m.12 views

Malvertising campaign leads to info stealers hosted on GitHub

In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. The attack originated from illegal streaming websites embedded with malvertising redirectors, leadi...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/04 9:1 a.m.16 views

Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers

Internet service providers ISPs in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts. The findings come from the Splunk Threat Research Team, which said the activity...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/24 4:58 p.m.33 views

New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer

Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer. The AhnLab Security Intelligence Center ASEC said it has observed a spike in the distribution volume of ACR Stealer since...

7.8CVSS7.1AI score0.60954EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/18 4:48 p.m.8 views

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms, that is designed...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/29 10:59 a.m.13 views

Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus

The Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer. The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force...

7AI score
Exploits0
Securelist
Securelist
added 2024/10/21 10:0 a.m.13 views

Stealer here, stealer there, stealers everywhere!

Introduction Information stealers, which are used to collect credentials to then sell them on the dark web or use in subsequent cyberattacks, are actively distributed by cybercriminals. Some of them are available through a monthly subscription model, thus attracting novice cybercriminals. Accordi...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/15 3:20 p.m.35 views

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT

Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan RAT called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/23 3:2 p.m.27 views

PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. "This memory-only dropper decrypts and executes a PowerShell-based downloader,"...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/06 9:54 a.m.12 views

Hackers Exploit Legitimate Packer Software to Spread Malware Undetected

Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. "The majority of the attributed malicious samples targeted financial institutions and...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2024/04/23 12:1 p.m.27 views

Suspected CoralRaider continues to expand victimology using three information stealers

By Joey Chen, Chetan Raghuprasad and Alex Karkins. Cisco Talos discovered a new ongoing campaign since at least February 2024, operated by a threat actor distributing three famous infostealer malware, including Cryptbot, LummaC2 and Rhadamanthys. Talos also discovered a new PowerShell command-lin...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/05 10:38 a.m.39 views

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLin...

7.4AI score
Exploits0
Rows per page
Query Builder