Steam Malware Attack Targets Chemia Early Access Game
Hackers have compromised the early access Steam game Chemia, injecting it with info-stealing malware and endangering unsuspecting players. The attack marks the third major Steam-related malware campaign in 2025, raising urgent concerns about the platform’s ability to vet developer uploads. Malware Hidden in Game Files: The threat actor known as EncryptHub, also tracked as Larva‑208, tampered with the official Chemia

Endgame Gear Malware Tool Infects Users Through Official Site
The official website of gaming mouse maker Endgame Gear recently hosted a malware-infected configuration tool, and it stayed live for over two weeks before anyone noticed. From June 26 to July 9, users downloading the setup tool for the OP1w 4K V2 mouse were unknowingly installing the XRed remote access trojan (RAT). The compromised version was distributed through Endgame Gear’s

Snake Keylogger Evades Windows Defender in Targeted Turkish Espionage Campaign
A new variant of the infamous Snake Keylogger is making headlines after it successfully bypassed Windows Defender in a focused cyber-espionage campaign targeting Turkey’s defense and aerospace sectors. The attack, which leverages stealthy in-memory loaders and scheduled tasks, appears to specifically target firms like TUSAŞ (Turkish Aerospace Industries). Disguised as a legitimate Excel quote request, the executable lures victims into

Konfety Malware Uses Malformed APKs to Evade Android Detection
The Android threat landscape continues to evolve, and cybercriminals are now exploiting even the ZIP format’s underbelly. A newly discovered malware variant named Konfety is setting a dangerous precedent by manipulating how Android Package (APK) files are structured. This manipulation allows it to sidestep traditional analysis and detection methods used by antivirus programs, app stores, and researchers. What makes Konfety

Fake AI Gaming Firms Target Crypto Users with Malware Scam
Cybercriminals are using fake AI and gaming firms to trick cryptocurrency users into installing malware. These fake companies use professional websites, social media presence, and direct outreach to convince victims to download what they claim is "beta software". But it's actually malware designed to steal wallet credentials and other sensitive data. The campaign, active since early 2024 and still growing,

Cursor IDE Crypto Theft: Dev Loses $500K to Malicious Extension
The Cursor IDE crypto theft incident has sent shockwaves through the developer community. A Russian blockchain developer recently lost around $500,000 in cryptocurrency. The loss stemmed from installing what appeared to be a helpful extension for smart contract development. Instead, the extension served as a backdoor for attackers. This breach took place in June 2025. The developer was using Cursor,

PerfektBlue: Critical Bluetooth Bug Puts Modern Vehicles at Risk
A newly disclosed set of Bluetooth vulnerabilities is putting millions of modern vehicles at serious risk. The flaws, discovered in the Bluetooth stack used in many car infotainment systems, could allow remote attackers to execute malicious code, all without the victim realizing anything is wrong. The attack, named PerfektBlue, targets a widely deployed software library called BlueSDK, developed by Berlin-based

BERT Ransomware: A New Threat Targeting ESXi Virtual Machines
A new cross-platform ransomware strain, known as BERT, has emerged, posing a significant threat to organizations running VMware ESXi environments. This article explores how BERT ransomware operates, its unique features, and how businesses can defend against it. What is BERT Ransomware? First identified in April 2025, BERT ransomware targets Windows, Linux, and ESXi systems. Its primary focus on ESXi virtual

Batavia Spyware Campaign Hits Dozens of Russian Organizations
A newly discovered Windows spyware campaign, called Batavia, is making waves in the cybersecurity community after being exposed by researchers at Kaspersky. The campaign, active since at least July 2024, has already targeted dozens of Russian organizations, primarily large industrial enterprises. How the Attack Works: The Batavia campaign begins with carefully crafted phishing emails that masquerade as legitimate business correspondence,

Ingram Micro Hit by Ransomware Attack, Causing Global Service Outages
Ingram Micro, one of the world's largest IT distributors, has confirmed that a ransomware attack caused an ongoing outage affecting its systems and services. The incident, which began on July 3, 2025, has impacted the company's ability to process online orders, manage back-end systems, and provide essential services to partners and clients. The ransomware group, identifying itself as "SafePay," claims
