TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. [...]
Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages
Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages. [...]
The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage. The post Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure appeared first on SecurityWeek.
An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific infostealer malware operations in recent years. [...]
Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key
Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer malware. The post Alleged RedLine Malware Administrator Extradited to US appeared first on SecurityWeek.
Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps. [...]
A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets. [...]
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing
Ghost npm campaign fakes install logs to steal sudo passwords and drop RATs that loot crypto and data
Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for his role in Yanluowang ransomware
Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA
New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans
Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data
Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform
The FBI wants to hear from gamers who have downloaded Steam titles containing malware
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse