Dero miner container infection campaign
The recent campaign uncovered by Kaspersky, involving the Dero cryptocurrency miner spreading through containerized Linux environments by exploiting exposed Docker…
Trojanized KeePass campaign: novel loader and credential theft in ransomware operations
A recent investigation by WithSecure’s Threat Intelligence team has uncovered a sophisticated malware campaign leveraging a trojanized version of the…
Sophisticated npm malware campaign exploits Cross-Ecosystem typosquatting
A coordinated malware operation targeting npm employs cross-ecosystem typosquatting to mimic popular libraries from Python, Java, C++, and .NET ecosystems.…
SuperCard X: exposing a MaaS for NFC Relay fraud operation
The Cleafy Threat Intelligence team has uncovered SuperCard X, a sophisticated Android malware campaign leveraging NFC-relay attacks to authorize fraudulent…
Malicious NPM packages targeting PayPal users: a recap analysis
FortiGuard Labs recently uncovered a series of malicious NPM packages designed to steal sensitive information from compromised systems. These packages,…
Malicious VSCode extensions: a growing threat to developers
The Visual Studio Code (VSCode) Marketplace has recently become a target for sophisticated cyberattacks, with malicious extensions infiltrating development environments…
Stealth malware strikes WordPress via MU-Plugins: a technical deep dive
The Sucuri research team has recently uncovered a concerning trend: threat actors are increasingly leveraging the WordPress mu-plugins directory to…
New breed of Android malware leverages .NET MAUI to slip past defenses
Exploiting cross-platform development frameworks to deliver insidious malware. A recent report from McAfee highlights the emergence of Android malware campaigns…