Threat actors are abusing Microsoft Teams voice calls to impersonate corporate IT support and trick employees into giving them remote access to company devices. Palo Alto Networks’ Unit 42 reported ...
North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
The post Attackers adopt JavaScript runtime Bun to spread NWHStealer appeared first on Malwarebytes. In our previous research, we analyzed a Windows infostealer we track as NWHStealer. The attackers ...
Microsoft Defender Experts identified a coordinated developer-targeting campaign delivered through malicious repositories disguised as legitimate Next.js projects and technical assessment materials.
A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions with more than 50,000 downloads, to monitor browser activity and plant a backdoor. The ...