More than 14,000 WordPress sites hacked, used to spread malware

WordPress is one of the most popular content management systems on the Internet. In fact, more than 43 percent of all ...

Nation-state hackers deliver malware from “bulletproof” blockchains

One of the groups Google observed, a North Korean-backed team tracked as UNC5342, uses earlier-stage malware tracked as ...
SecurityWeek

Lumma Stealer Activity Drops After Doxxing

Lumma Stealer activity decreased over the past couple of months after the identities of five alleged core group members were ...
CSO Online

Threat actors are spreading malicious extensions via VS marketplaces

There isn’t a consistent threat model for extension marketplaces yet, McCarthy said, making it difficult for any platform to ...
OMG! Ubuntu

Xubuntu Website Compromised, Served Malware Downloads

A malicious ZIP file briefly replaced Xubuntu's torrent download. What happened, who was at risk, and why your Linux ...
The Hacker News

North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality ...

Google ads for fake Homebrew, LogMeIn sites push infostealers

A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver ...
Cryptopolitan on MSN

North Korean hackers now hide crypto-stealing malware with blockchain

North Korean hackers are now using a blockchain-based method known as EtherHiding to deliver malware to facilitate their ...
The Hacker News

Researchers Expose TA585's MonsterV2 Malware Capabilities and Attack Chain

Researchers link TA585 to MonsterV2 RAT stealer delivered via IRS-themed phishing, JavaScript injects, and GitHub lures.

Amazon DNS outage breaks much of the internet

The outage affected websites like Coinbase and Fortnite, and disrupted services like Signal, Zoom and Amazon's own products, ...
Infosecurity Magazine

Microsoft Revokes 200+ Fake Certificates Used in Teams Malware Attack

Microsoft has revoked over 200 fraudulent code-signing certificates used in a ransomware campaign involving fake Teams ...

Open-source malware surges, raising cyber security concerns

A sharp surge in open-source malware in the third quarter, ended September 30, raises alarm among experts, who are calling ...