Lucene search
K

12 matches found

The Hacker News
The Hacker News
added 2026/03/23 6:9 p.m.5 views

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code VS Code projects. The use of VS Code "tasks.json" to distribute malware...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/02 2:1 p.m.27 views

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware. "SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide ran...

7.8CVSS8.2AI score0.99945EPSS
Exploits62
Qualys Blog
Qualys Blog
added 2024/10/21 4:49 a.m.34 views

Unmasking Lumma Stealer: Analyzing Deceptive Tactics with Fake CAPTCHA

Summary Lumma Stealer is an information-stealing malware available through a Malware-as-a-Service MaaS. It specializes in stealing sensitive data such as passwords, browser information, and cryptocurrency wallet details. The attacker has advanced its tactics, moving from traditional phishing to...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/10 9:57 a.m.11 views

Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments

The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring the activity cluster under the...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/16 12:31 p.m.36 views

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/27 10:22 a.m.52 views

PureCrypter Malware Targets Government Entities in Asia-Pacific and North America

Government entities in Asia-Pacific and North America are being targeted by an unknown threat actor with an off-the-shelf malware downloader known as PureCrypter to deliver an array of information stealers and ransomware. "The PureCrypter campaign uses the domain of a compromised non-profit...

Exploits0
hivepro
hivepro
added 2022/12/27 7:0 a.m.15 views

GuLoader’s Advanced Anti-Analysis Techniques

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GuLoader is an advanced malware downloader that uses polymorphic shellcode to bypass traditional security solutions. In GuLoader, all embedded DJB2 hash values are mapped against every API used by the...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/02 7:0 a.m.25 views

CISA and the FBI issue alert about Cuba ransomware

In the latest StopRansomware effort of publicizing ransomware information for network defenders, the Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have issued a joint Cybersecurity Advisory CSA on the ransomware known as "Cuba." Though named...

1.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/11/17 5:0 p.m.38 views

DEV-0569 finds new ways to deliver Royal ransomware, various payloads

Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed DEV-0569 attacks show a pattern of...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/02/03 2:0 p.m.3 views

Over a Dozen Chrome Extensions Caught Hijacking Google Search Results for Millions

New details have emerged about a vast network of rogue extensions for Chrome and Edge browsers that were found to hijack clicks to links in search results pages to arbitrary URLs, including phishing sites and ads. Collectively called "CacheFlow" by Avast, the 28 extensions in question — including...

6.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/01/06 9:20 p.m.41 views

It’s Not the Trump Sex Tape, It’s a RAT

As outgoing President Donald Trump continues to dominate headlines, cybercriminals have decided to horn in on the much-gossiped-about — and yet to materialize — Trump sex tape as a lure for malware delivery. A campaign has been uncovered that labels a malware downloader with the filename...

0.2AI score
Exploits0References8
The Hacker News
The Hacker News
added 2020/06/17 9:44 a.m.46 views

Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs

Cybersecurity researchers today took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money. The campaign, dubb...

0.8AI score
Exploits0
Rows per page
Query Builder