Lucene search
K

55 matches found

HackRead
HackRead
added 2026/05/10 4:53 p.m.8 views

Hackers Trick DigiCert Into Issuing Certificates Used to Sign Malware

DigiCert revokes 60 code signing certificates after hackers used a malicious support chat attachment to sign the Zhong Stealer malware...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/09 8:7 a.m.12 views

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code VS Code Marketplace that are designed to infect developer machines with stealer malware. The VS Code extensions masquerade as a premium dark theme and an artificial intelligence AI-powered coding assistan...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/25 2:18 p.m.10 views

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

Cybersecurity researchers are calling attention to a new campaign that's leveraging a combination of ClickFix lures and fake adult websites to deceive users into running malicious commands under the guise of a "critical" Windows security update. "Campaign leverages fake adult websites xHamster,...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/24 10:0 a.m.5 views

3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation

A malicious network of YouTube accounts has been observed publishing and promoting videos that lead to malware downloads, essentially abusing the popularity and trust associated with the video hosting platform for propagating malicious payloads. Active since 2021, the network has published more...

6.8AI score
Exploits0
GithubExploit
GithubExploit
added 2025/10/23 4:11 a.m.128 views

stealer

Stealer C stealer Chrome, Opera ,Chromium ,Edg...

7.1AI score
Exploits0
HackRead
HackRead
added 2025/10/01 1:13 p.m.3 views

Detour Dog’s DNS Hijacking Infects 30,000 Websites with Strela Stealer

Infoblox reveals how the Detour Dog group used server-side DNS to compromise 30,000+ sites across 89 countries, installing the stealthy Strela Stealer malware...

7AI score
Exploits0
HackRead
HackRead
added 2025/09/18 11:44 a.m.5 views

Fake Empire Podcast Invites Target Crypto Industry with macOS AMOS Stealer

Hackers are posing as Empire podcast hosts, tricking crypto influencers and developers with fake interview invites to deliver macOS AMOS Stealer malware...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/08/21 4:0 p.m.4 views

Think before you Click(Fix): Analyzing the ClickFix social engineering technique

Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of enterprise and end-user devices globally every day. Since early 2024, we’ve helped multiple custome...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/20 4:13 p.m.8 views

EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware

The financially motivated threat actor known as EncryptHubaka LARVA-208 and Water Gamayun has been attributed to a new campaign that's targeting Web3 developers to infect them with information stealer malware. "LARVA-208 has evolved its tactics, using fake AI platforms e.g., Norlax AI, mimicking...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/10 2:20 p.m.27 views

Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users

Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that's being propagated via fraudulent gaming websites. "Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/28 11:25 a.m.17 views

From Infection to Access: A 24-Hour Timeline of a Modern Stealer Campaign

Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. While many associate account takeovers with personal services, the real threat is unfolding in the enterprise. Flare's latest research, The Account and...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/22 8:24 a.m.20 views

FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections

A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma aka LummaC or LummaC2, seizing 2,300 domains that acted as the command-and-control C2...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/28 9:36 a.m.13 views

Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho,...

7AI score
Exploits0
Trellix
Trellix
added 2024/11/07 12:0 a.m.10 views

New Stealer Uses Invalid Cert To Compromise Systems

New Stealer Uses Invalid Cert To Compromise Systems By Mohinder Gill, Mallikarjun Wali and Sangram Mohapatro · November 07, 2024 A new Stealer has been making the rounds. Its name: Fickle. Fickle Stealer is a new Rust-based information stealer that spreads through various attack vectors, includin...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/01 3:50 a.m.20 views

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain, the U.K., and the U.S. since at least September 2024. Netcraft said more than 2,000 phishing websites have been identified the kit, known as Xiū gǒu, with the...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/30 1:0 p.m.17 views

Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute an information stealer known as SYS01stealer. "The hackers behind the campaign use trusted brands to expand their reach," Bitdefender Labs...

7.3AI score
Exploits0
Information Security Automation
Information Security Automation
added 2024/10/30 10:51 a.m.27 views

What is known about the Spoofing – Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday?

What is known about the Spoofing - Windows MSHTML Platform CVE-2024-43573 vulnerability from the October Microsoft Patch Tuesday? In fact, just that it is being exploited in the wild. There are no write-ups or public exploits yet. The Acknowledgements section in the Microsoft bulletin is empty. I...

8.1CVSS7AI score0.84345EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/29 10:59 a.m.13 views

Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus

The Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer. The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/02 3:36 a.m.38 views

Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers' Systems

Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. "By mimicking the popular 'noblox.js' library, attackers...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/26 5:52 a.m.30 views

CrowdStrike Warns of New Phishing Scam Targeting German Customers

CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed...

7.3AI score
Exploits0
Rows per page
Query Builder