July 25, 2025

Steam Malware Attack Targets Chemia Early Access Game

Hackers have compromised the early access Steam game Chemia, injecting it with info-stealing malware and endangering unsuspecting players. The attack marks the third major Steam-related malware campaign in 2025, raising urgent concerns about the platform’s ability to vet developer uploads.

Malware Hidden in Game Files

The threat actor known as EncryptHub, also tracked as Larva‑208, tampered with the official Chemia

July 24, 2025

Endgame Gear Malware Tool Infects Users Through Official Site

The official website of gaming mouse maker Endgame Gear recently hosted a malware-infected configuration tool, and it stayed live for over two weeks before anyone noticed. From June 26 to July 9, users downloading the setup tool for the OP1w 4K V2 mouse were unknowingly installing the XRed remote access trojan (RAT). The compromised version was distributed through Endgame Gear’s

July 21, 2025

Konfety Malware Uses Malformed APKs to Evade Android Detection

The Android threat landscape continues to evolve, and cybercriminals are now exploiting even the ZIP format’s underbelly. A newly discovered malware variant named Konfety is setting a dangerous precedent by manipulating how Android Package (APK) files are structured. This manipulation allows it to sidestep traditional analysis and detection methods used by antivirus programs, app stores, and researchers. What makes Konfety

July 20, 2025

LameHug Malware Uses LLM to Automate Windows Data Theft

LameHug, a newly discovered Python-based malware, is raising alarms in the cybersecurity world by becoming the first known malicious tool to leverage a large language model (LLM) in real time. This cutting-edge threat utilizes Hugging Face’s Qwen 2.5‑Coder‑32B‑Instruct model to dynamically craft Windows commands used for data theft and system reconnaissance, making detection and mitigation significantly more challenging. A New

July 17, 2025

Fake AI Gaming Firms Target Crypto Users with Malware Scam

Cybercriminals are using fake AI and gaming firms to trick cryptocurrency users into installing malware. These fake companies use professional websites, a social media presence, and direct outreach to convince victims to download what they claim is "beta software" but is actually malware designed to steal wallet credentials and other sensitive data. The campaign, active since early 2024 and still growing,

July 14, 2025

PerfektBlue: Critical Bluetooth Bug Puts Modern Vehicles at Risk

A newly disclosed set of Bluetooth vulnerabilities is putting millions of modern vehicles at serious risk. The flaws, discovered in the Bluetooth stack used in many car infotainment systems, could allow remote attackers to execute malicious code, all without the victim realizing anything is wrong. The attack, named PerfektBlue, targets a widely deployed software library called BlueSDK, developed by Berlin-based

July 11, 2025

Malicious Extensions Hijack Chrome and Edge Users

A new large-scale browser security incident has compromised millions of users worldwide. Eighteen popular Chrome and Edge extensions, once trusted by users, have been quietly turned into malicious tools, redirecting users to phishing websites and collecting sensitive browsing data. This alarming discovery highlights the growing threat of 'sleeper agent' extensions—tools that start off clean but turn rogue through stealth updates.

July 10, 2025

Leaked Shellter Elite Tool Abused by Cybercriminals

A legitimate cybersecurity tool designed for penetration testing has become the latest weapon in the arsenal of cybercriminals, raising fresh concerns about the responsible disclosure of security threats. Shellter Elite, a widely used red-team utility, was leaked earlier this year. Hackers have since abused it to deploy infostealer malware in a string of cyberattacks.

From Pentesting to Cybercrime

Shellter Elite's

July 4, 2025

IconAds, a Massive Mobile Ad-Fraud Operation Disrupted

A sophisticated mobile ad-fraud operation, named "IconAds," has been disrupted. The dismantling came after it was discovered that 352 Android applications were secretly bombarding users with intrusive ads while hiding their presence on devices. This extensive campaign, which peaked at over 1.2 billion ad bid requests daily, primarily targeted users in Brazil, Mexico, and the United States. How the IconAds

July 2, 2025

U.S. Sanctions Aeza Group for Hosting Ransomware Infrastructure

The U.S. Treasury Department has imposed sanctions on Russian internet service provider Aeza Group, accusing the company of knowingly supporting cybercriminal activities by hosting servers used in ransomware and infostealer operations. This move marks a significant escalation in the United States’ ongoing efforts to disrupt the infrastructure that underpins global cybercrime.

Aeza Group: A Safe Haven for Cybercriminals

Aeza Group,
