70 matches found

The Hacker News
added 2026/05/20 2:36 p.m. · 33 views

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world. The tech giant attribut...

AI score: 5.8
Exploits: 0

The Hacker News
added 2026/04/23 8:40 a.m. · 13 views

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems. The company said it made the discovery after expanding its investigation to include an extra se...

AI score: 5.8
Exploits: 0

The Hacker News
added 2026/03/06 6:44 a.m. · 14 views

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February 2026, makes use of the terminal...

AI score: 6.3
Exploits: 0

Securelist
added 2026/02/11 2:0 p.m. · 7 views

The game is over: when “free” comes at too high a price. What we know about RenEngine

We often describe cases of malware distribution under the guise of game cheats and pirated software. Sometimes such methods are used to spread complex malware that employs advanced techniques and sophisticated infection chains. In February 2026, researchers from Howler Cell announced the discover...

AI score: 6
Exploits: 0

The Hacker News
added 2026/01/14 2:18 p.m. · 11 views

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers. "Attackers achieve...

AI score: 6.6
Exploits: 0

Malwarebytes
added 2025/12/29 11:48 a.m. · 7 views

Malware in 2025 spread far beyond Windows PCs

This blog is part of a series highlighting new and concerning trends we noticed over the last year. Trends matter because they almost always provide a good indication of what's coming next. If there’s one thing that became very clear in 2025, it’s that malware is no longer focused on Windows...

AI score: 7.2
Exploits: 0

HackRead
added 2025/11/13 12:5 p.m. · 2 views

Top 3 Malware Families in Q4: How to Keep Your SOC Ready

Q3 showed sharp growth in malware activity as Lumma, AgentTesla, and Xworm drove access and data theft, forcing SOC teams toward quicker behavior checks...

AI score: 7
Exploits: 0

Trend Micro Simply Security
added 2025/11/13 12:0 a.m. · 5 views

Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics

In this blog entry, Trend™ Research analyses the layered command-and-control approaches that Lumma Stealer uses to maintain its ongoing operations while enhancing collection of victim-environment data...

AI score: 7
Exploits: 0

Malwarebytes
added 2025/11/07 3:1 p.m. · 4 views

Fake CAPTCHA sites now have tutorial videos to help victims install malware

Early on in 2025, I described how criminals used fake CAPTCHA sites and a clipboard hijacker to provide instructions for website visitors that would effectively infect their own machines with an information stealer known as the Lumma Stealer. ClickFix is the name researchers have since given to...

AI score: 7.6
Exploits: 0

HackRead
added 2025/11/03 11:5 a.m. · 4 views

YouTube ‘Ghost Network’ Spreads Infostealer via 3,000 Fake Videos

Check Point Research exposed a sophisticated, role-based operation called the YouTube Ghost Network, distributing dangerous Lumma and Rhadamanthys Infostealer malware. Learn how cybercriminals use hijacked channels and bots to triple malicious video output and steal user credentials...

AI score: 7
Exploits: 0

The Hacker News
added 2025/10/23 11:30 a.m. · 6 views

ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More

Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target. This week’s ThreatsDay highlights show...

CVSS: 6.8 · AI score: 8.9 · EPSS: 0.00446
Exploits: 0

HackRead
added 2025/10/22 3:56 p.m. · 3 views

Rival Hackers Dox Alleged Operators of Lumma Stealer

Rival hackers expose the alleged operators behind Lumma Stealer, a major data-theft malware, causing leaks and internal chaos that have slowed its growth...

AI score: 7
Exploits: 0

Trend Micro Simply Security
added 2025/10/16 12:0 a.m. · 6 views

Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing

A targeted underground doxxing campaign exposed alleged core members of Lumma Stealer (Water Kurita), resulting in a sharp decline in its activity and a migration of customers to rival infostealer platforms...

AI score: 7
Exploits: 0

Trellix
added 2025/10/14 12:0 a.m. · 9 views

Dark Web Roast - September 2025 Edition

By Trellix Advanced Research Center · October 14, 2025. Executive Summary: September 2025 brought us a delightful buffet of underground incompetence that makes one wonder if cybercriminals are actively competing for the "Most Spectacular Failure" award. From...

AI score: 5.2
Exploits: 0

The Hacker News
added 2025/08/26 10:45 a.m. · 3 views

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners. The large-scale...

AI score: 7.7
Exploits: 0

Microsoft Secure
added 2025/08/21 4:0 p.m. · 23 views

Think before you Click(Fix): Analyzing the ClickFix social engineering technique

Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of enterprise and end-user devices globally every day. Since early 2024, we’ve helped multiple custome...

AI score: 7
Exploits: 0

Microsoft Secure
added 2025/08/21 4:0 p.m. · 4 views

Think before you Click(Fix): Analyzing the ClickFix social engineering technique

Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of enterprise and end-user devices globally every day. Since early 2024, we’ve helped multiple custome...

AI score: 6.8
Exploits: 0

Trend Micro Simply Security
added 2025/07/22 12:0 a.m. · 7 views

Back to Business: Lumma Stealer Returns with Stealthier Methods

Lumma Stealer has re-emerged shortly after its takedown. This time, the cybergroup behind this malware appears to be intent on employing more covert tactics while steadily expanding its reach. This article shares the latest methods used to propagate this threat...

AI score: 7.2
Exploits: 0

The Hacker News
added 2025/07/08 5:35 p.m. · 12 views

Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware. The company behind the software said a company that had recently purchased...

AI score: 7.2
Exploits: 0

The Hacker News
added 2025/05/26 9:23 a.m. · 51 views

⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

Cyber threats don't show up one at a time anymore. They're layered, planned, and often stay hidden until it's too late. For cybersecurity teams, the key isn't just reacting to alerts—it's spotting early signs of trouble before they become real threats. This update is designed to deliver clear,...

CVSS: 10 · AI score: 8.1 · EPSS: 0.99589
Exploits: 32