GlassWorm Malware Targets VS Code and OpenVSX Registries
The discovery of GlassWorm malware marks one of the most alarming supply chain attacks targeting developers this year. The self-spreading threat infiltrated Visual Studio Code and OpenVSX registries, distributing malicious extensions that automatically infected thousands of systems. The campaign exposed how trusted open-source ecosystems can become vectors for widespread compromise. How the GlassWorm Malware Works GlassWorm malware operates with alarming

SideWinder Hackers Target Victims with Fake Outlook Portals
The SideWinder hacker group has launched a sophisticated phishing campaign that uses fake Outlook and Zimbra portals. Security researchers report that the group is targeting government and military personnel in several South Asian countries. By imitating legitimate platforms, SideWinder aims to harvest login credentials for espionage and intelligence gathering. Tactics and Techniques SideWinder operates by hosting counterfeit portals on free

Klopatra Android Trojan Uses Hidden VNC to Hijack Phones
Security researchers warn that the Klopatra Android trojan is reshaping the mobile threat landscape. Unlike ordinary malware that steals data in the background, Klopatra gives attackers live visibility and full control of compromised phones. Hidden VNC sessions allow them to see the victim’s screen, simulate taps, and even transfer funds without detection. The malware is delivered through a fake IPTV+VPN

Fake Microsoft Teams Installers Push Oyster Malware in Malvertising Attack
Fake Microsoft Teams installers push Oyster malware through a new malvertising campaign. Cybercriminals exploit paid ads to trick people into downloading malware instead of legitimate software. By imitating Microsoft’s trusted collaboration platform, attackers increase the chances of success. This campaign is especially concerning because Microsoft Teams is a core tool for remote work and daily business communication. Employees often search

Rust Packages Malware Steals Crypto Wallet Keys
Malware has been discovered in Rust packages on Crates.io, the official Rust package registry. Security researchers flagged the packages for containing hidden code that stole cryptocurrency wallet keys. The incident adds to a growing wave of supply chain attacks targeting open-source developers and highlights the risks of blindly trusting dependencies. Malicious Crates on Crates.io Two malicious crates were uploaded to Crates.io,

SystemBC Malware Turns VPS Into Proxy Networks
SystemBC malware is evolving into a powerful tool for cybercriminals. First spotted in 2019, it has shifted from being a stealthy backdoor to a full-fledged proxy-building system. Today, attackers deploy it on compromised VPS servers to create large proxy networks. This development allows them to hide malicious traffic, making it harder for defenders to trace cyberattacks. How SystemBC Malware Operates

FileFix Attack Uses Steganography to Deliver StealC
A new FileFix attack campaign is targeting users with a blend of social engineering and advanced malware delivery. The operation impersonates Meta support notices to convince victims they must take action. Instead of fixing a problem, users who fall for the lure end up executing hidden PowerShell commands. These commands launch a sophisticated chain of events that ends with the StealC infostealer installed

EggStreme Fileless Malware Targets Philippine Military
A newly identified threat named EggStreme fileless malware has been deployed by a suspected Chinese advanced persistent threat (APT) group. Researchers found the campaign targeting Philippine military systems, underlining the region’s rising geopolitical cyber risks. EggStreme stands out for its stealth. Instead of leaving files on disk, it executes in memory, making detection extremely difficult. This fileless design highlights the

AsyncRAT Exploits ConnectWise in New Malware Campaign
AsyncRAT exploits ConnectWise in a recent malware campaign that highlights how attackers weaponize legitimate remote access tools. Security researchers uncovered a layered attack chain that delivered the trojan through fileless techniques, persistence tricks, and data theft. The operation reveals the growing sophistication of remote access trojans and the increasing risks for businesses relying on widely used IT management software. How

Grok AI Exploit Spreads Malicious Links on X
Cybercriminals have uncovered a dangerous loophole in Grok AI, the chatbot integrated into X. By embedding harmful links inside video ad metadata, attackers trick the system into revealing them. This Grok AI exploit spreads malicious links to millions of users and raises major concerns about the safety of AI-powered assistants. How the Exploit Works The attack begins with a promoted
