Cybersecurity researchers have uncovered a sophisticated credential-stealing malware known as Octalyn, publicly hosted on GitHub under the guise of a "forensic research tool."
Despite its educational facade, the malware functions as a full-fledged data thief capable of extracting browser passwords, VPN configurations, cryptocurrency wallet...
A newly identified wave of malicious software supply chain activity linked to North Korea has infiltrated the popular JavaScript package ecosystem npm, targeting developers worldwide.
The campaign, uncovered by Socket’s Threat Research Team, centers around a stealthy new malware loader dubbed XORIndex and marks a dangerous...
Security researchers have identified a new variant of the macOS.ZuRu malware that specifically targets developers and IT professionals through a trojanized version of the popular SSH client Termius.
This latest evolution of the malware, which first emerged in July 2021, demonstrates increasingly sophisticated techniques...
A newly discovered malware campaign is exploiting the popularity of GitHub to distribute sophisticated malware disguised as “Free VPN for PC” and “Minecraft Skin Changer.”
CYFIRMA’s latest technical analysis reveals how cybercriminals exploit social engineering, advanced obfuscation, and legitimate Windows processes to implant the notorious...
AhnLab Security Intelligence Center (ASEC) has issued a critical warning about ongoing cyberattacks targeting unpatched GeoServer installations, with threat actors actively exploiting a remote code execution vulnerability to deploy cryptocurrency mining malware and backdoor tools.
The attacks have been confirmed in South Korea, with...
A newly discovered Trojan malware, SparkKitty, is raising alarms across the cybersecurity community after infiltrating official app stores and untrusted websites to compromise both iOS and Android devices.
Active since early 2024, SparkKitty indiscriminately steals users’ gallery photos, posing a massive threat to personal privacy,...