Malicious VSCode extensions: a growing threat to developers
The Visual Studio Code (VSCode) Marketplace has recently become a target for sophisticated cyberattacks, with malicious extensions infiltrating development environments…
Stealth malware strikes WordPress via MU-Plugins: a technical deep dive
The Sucuri research team has recently uncovered a concerning trend: threat actors are increasingly leveraging the WordPress mu-plugins directory to…
New breed of Android malware leverages .NET MAUI to slip past defenses
Exploiting cross-platform development frameworks to deliver insidious malware. A recent report from McAfee highlights the emergence of Android malware campaigns…
MassJacker malware targets cryptocurrency of piracy users
A new and sophisticated malware campaign, known as MassJacker, has been uncovered by cybersecurity researchers at CyberArk. This malware targets…
The Ballista Botnet: a new IoT threat with italian roots
Cato Networks has uncovered a sophisticated IoT botnet, dubbed Ballista, targeting TP-Link Archer routers by exploiting a two-year-old vulnerability (CVE-2023-1389).…
Russia-Aligned actors intensify targeting of Signal Messenger
Recent reporting from Google’s Threat Intelligence Group (GTIG) highlights a surge in activity from Russian state-aligned threat actors targeting Signal…
Oh Ship! Steam game “PirateFi” caught red-handed dropping password-stealing malware
Ahoy, gamers! Hope you weren’t sailing the high seas of Steam with a recently released free-to-play game called PirateFi. Turns…
Fake wedding invitations to spread Android Malware in Southeast Asia
Since mid-2024, a new malware campaign targeting Android users has emerged, identified as the Tria stealer. This malware exploits wedding…