November 6, 2025

Gootloader Malware Returns Stronger with New Evasion Tricks

After a seven-month silence, Gootloader malware has made a striking return with an upgraded campaign that blends deception and technical precision. Security researchers report that the attackers now rely on fake legal template sites, advanced evasion tricks, and fresh persistence methods to slip past modern defenses. What once began as a simple loader has evolved into a refined infection chain

Gootloader Malware
November 4, 2025

SesameOp Exploits OpenAI Assistants API for Covert Control

Microsoft’s latest threat report has revealed a worrying trend: attackers are now using artificial-intelligence platforms as part of their command-and-control systems. The newly discovered SesameOp backdoor abuses the OpenAI Assistants API to hide its activity inside normal network traffic. Instead of relying on custom servers or shady hosting, the operators turned OpenAI’s trusted cloud service into their covert communications channel.

SesameOp Backdoor
November 1, 2025

NFC Relay Malware Surge Hits Europe: Android Apps Steal Data

A major NFC relay malware surge is hitting Europe, exposing Android users to large-scale payment card theft. Researchers uncovered over 760 malicious apps that exploit the phone’s NFC capabilities to steal credit and debit card data. The attacks are spreading fast, and criminals are now turning the convenience of contactless payments into a gateway for financial fraud. How NFC Relay

NFC Relay Malware
October 30, 2025

PhantomRaven Malware Targets npm Supply Chain

The PhantomRaven malware campaign has struck the npm ecosystem, compromising 126 open-source packages and putting thousands of developers at risk. Security researchers uncovered that these malicious packages were designed to exfiltrate credentials, tokens, and sensitive data directly from developer environments. This large-scale attack underscores the growing threat of supply-chain compromise in open-source software. How PhantomRaven Malware Works: PhantomRaven malware infiltrates

PhantomRaven Malware
October 29, 2025

Atroposia Malware: Hackers Exploit Systems with Local Scanner

A new threat known as Atroposia malware is making waves in the cybersecurity world. Researchers have identified it as a highly advanced Remote Access Trojan (RAT) that not only grants attackers full control over compromised systems but also scans them for weaknesses. By embedding a local vulnerability scanner, Atroposia changes how cybercriminals approach exploitation, blending data theft with automated reconnaissance.

Atroposia Malware
October 22, 2025

GlassWorm Malware Targets VS Code and OpenVSX Registries

The discovery of GlassWorm malware marks one of the most alarming supply chain attacks targeting developers this year. The self-spreading threat infiltrated Visual Studio Code and OpenVSX registries, distributing malicious extensions that automatically infected thousands of systems. The campaign exposed how trusted open-source ecosystems can become vectors for widespread compromise. How the GlassWorm Malware Works: GlassWorm malware operates with alarming

GlassWorm Malware
October 5, 2025

SideWinder Hackers Target Victims with Fake Outlook Portals

The SideWinder hacker group has launched a sophisticated phishing campaign that uses fake Outlook and Zimbra portals. Security researchers report that the group is targeting government and military personnel in several South Asian countries. By imitating legitimate platforms, SideWinder aims to harvest login credentials for espionage and intelligence gathering. Tactics and Techniques: SideWinder operates by hosting counterfeit portals on free

SideWinder
October 2, 2025

Klopatra Android Trojan Uses Hidden VNC to Hijack Phones

Security researchers warn that the Klopatra Android trojan is reshaping the mobile threat landscape. Unlike ordinary malware that steals data in the background, Klopatra gives attackers live visibility and full control of compromised phones. Hidden VNC sessions allow them to see the victim’s screen, simulate taps, and even transfer funds without detection. The malware is delivered through a fake IPTV+VPN

Klopatra Android Trojan
September 29, 2025

Fake Microsoft Teams Installers Push Oyster Malware in Malvertising Attack

Fake Microsoft Teams installers push Oyster malware through a new malvertising campaign. Cybercriminals exploit paid ads to trick people into downloading malware instead of legitimate software. By imitating Microsoft’s trusted collaboration platform, attackers increase the chances of success. This campaign is especially concerning because Microsoft Teams is a core tool for remote work and daily business communication. Employees often search

Fake Microsoft Teams Installers
September 28, 2025

Rust Packages Malware Steals Crypto Wallet Keys

Rust packages malware has been discovered on Crates.io, the official Rust package registry. Security researchers flagged the packages for containing hidden code that stole cryptocurrency wallet keys. The incident adds to a growing wave of supply chain attacks targeting open-source developers and highlights the risks of blindly trusting dependencies. Malicious Crates on Crates.io: Two malicious crates were uploaded to Crates.io,

Rust Packages Malware