malicious
Cobalt Strike abusers have been dealt a hammer blow: An “aggressive” takedown campaign by Fortra and Microsoft shuttered over 200 malicious domains – and it’s cut the misuse of the tool by 80%
Malicious use of penetration testing tool Cobalt Strike and other legitimate tools has been significantly curtailed after an “aggressive campaign” by its developer Fortra and Microsoft. Fortra teamed up with Microsoft’s Digital Crimes Unit (DCU) and the Health Information Sharing and Analysis Center (Health-ISAC) to mitigate the use of unauthorized, legacy copies of Cobalt Strike and compromised Microsoft software in…
Malware-free attacks surged in 2024 as attackers drop malicious software for legitimate tools
Cyber attacks leveraging trusted services to conduct malicious activities are becoming the norm, according to new research, as malware takes a backseat among hackers. CrowdStrike’s 2025 global threat report found a shift towards malware-free attack techniques was one of the defining trends shaping the threat landscape in the past five years. The report stated that 79% of CrowdStrike’s threat detections…
Apiiro unveils free scanner to detect malicious code merges
Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before it is added to software projects to curb supply chain attacks. The two tools consist of a comprehensive ruleset for Semgrep and Opengrep designed to detect malicious code patterns with minimal false positives and PRevent, a GitHub-integrated scanner that detects and alerts on…
Flaws in a popular dev library could let hackers run malicious code in your MongoDB database
A researcher has uncovered two related vulnerabilities in a popular developer library used to connect applications and MongoDB that could allow hackers to sneak into your database. Mongoose is an object data modeling (ODM) library for MongoDB that connects it to the Node.js runtime environment, essentially simplifying interactions between applications and MongoDB databases. The flaws were discovered by Dat Phung,…
X now blocks Signal contact links, flags them as malicious
Social media platform X (formerly Twitter) is now blocking links to “Signal.me,” a URL used by the Signal encrypted messaging app to share your account info with another person. According to BleepingComputer’s tests and other users’ reports, attempts to post Signal.me links via public posts, direct messages, or profile bios receive error messages citing spam or malware risks. “This request looks…
Malicious PirateFi game infects Steam users with Vidar malware
A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. The title was present in the Steam catalog for almost a week, between February 6th and February 12th, and was downloaded by up to 1,500 users. The distribution service is sending notices to potentially impacted users, advising them to reinstall Windows…
Russian military hackers deploy malicious Windows activators in Ukraine
The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. These attacks likely started in late 2023 and have now been linked by EclecticIQ threat analysts with Sandworm hackers based on overlapping infrastructure, consistent Tactics, Techniques and Procedures (TTPs), and frequently used ProtonMail accounts to register…
PyPI adds project archiving system to stop malicious updates
The Python Package Index (PyPI) has announced the introduction of ‘Project Archival,’ a new system that allows publishers to archive their projects, indicating to the users that no updates are to be expected. The projects will still be hosted on PyPI, and users will still be able to download them but they will see a warning about the maintenance status, to…
Malicious GitHub repositories target users with malware
McAfee has uncovered new malware that’s being used to target GitHub users with infostealing malware. The security firm said it found several GitHub repositories offering video game hacks, cracked software, and free crypto tools that were not what they seemed. They included game hacks for top-selling video games such as Apex Legends, Minecraft, Counter Strike 2.0, Roblox, Valorant, Fortnite, Call…
Hackers are using a new AI chatbot to wage attacks: GhostGPT lets users write malicious code, create malware, and curate phishing emails – and it costs just $50 to use
Hackers are using an uncensored chatbot dubbed GhostGPT to help write malware, highlighting how AI can be twisted to “illegal activities”. That’s according to Abnormal Security, which laid out details of GhostGPT in a blog post, saying the chatbot lacks the guardrails of standard AI tools such as ChatGPT, making it a helpful tool for cyber criminals. It’s not the…