malware

  • Blog

    Fake Zenmap, WinMTR sites target IT staff with Bumblebee malware

    The Bumblebee malware SEO poisoning campaign uncovered earlier this week impersonating RVTools is using more typosquatting domains mimicking other popular open-source projects to infect devices used by IT staff. BleepingComputer was able to find two cases leveraging the notoriety of Zenmap, the GUI for the Nmap network scanning tool, and the WinMTR traceroute utility. Both of these tools are commonly used by IT staff…

    Read More »
  • Blog

    These AI-Generated TikTok Videos Are Tricking People Into Installing Malware

    In recent years, TikTok has become a prime target for scammers and cyber attackers spreading various forms of malware, and the latest shady campaign promotes instructional videos that trick users into downloading infostealers to their devices via ClickFix attacks. The scheme, identified by Trend Micro and reported by Bleeping Computer, instructs users to execute commands to activate Windows and Microsoft…

    Read More »
  • Blog

    TikTok videos now push infostealer malware in ClickFix attacks

    Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks. As Trend Micro recently discovered, the threat actors behind this TikTok social engineering campaign are using videos likely generated using AI that ask viewers to run commands claiming to activate Windows and Microsoft Office, as well as premium features in various legitimate…

    Read More »
  • Blog

    394,000 Windows devices have been infected with Lumma Stealer malware – now Microsoft is hitting back

    Threat actors behind the Lumma Stealer malware have been dealt a serious blow following a joint operation between Microsoft and Europol. In an announcement, Europol’s European Cybercrime Centre and Microsoft said they have cut off communications between the malicious tool and its victims and have seized more than 1,300 domains. The seized domains have been transferred to Microsoft, Europol confirmed,…

    Read More »
  • Blog

    SK Telecom says malware breach lasted 3 years, impacted 27 million numbers

    SK Telecom says that a recently disclosed cybersecurity incident in April first occurred all the way back in 2022, ultimately exposing the USIM data of 27 million subscribers. SK Telecom is the largest mobile network operator in South Korea, holding roughly half of the national market. On April 19, 2025, the company detected malware on its networks and responded by isolating…

    Read More »
  • Blog

    This Adorable Printer Shipped With Bitcoin-Stealing Malware

    Printer brand Procolored unintentionally bundled malware with its official software for approximately six months. The full impact of this incident is still unknown, though customers should take action to ensure that their machines are not infected. Procolored occupies a strong foothold in the UV printing, direct-to-garment (DTG) printing, and direct-to-film (DTF) printing niche. Its products cost several thousand dollars and…

    Read More »
  • Blog

    Ransomware gangs increasingly use Skitnet post-exploitation malware

    Ransomware gang members increasingly use a new malware called Skitnet (“Bossnet”) to perform stealthy post-exploitation activities on breached networks. The malware has been offered for sale on underground forums like RAMP since April 2024, but according to Prodaft researchers, it started gaining significant traction among ransomware gangs since early 2025. Prodaft told BleepingComputer they have observed multiple ransomware operations deploying…

    Read More »
  • Blog

    iClicker site hack targeted students with malware via fake CAPTCHA

    The website of iClicker, a popular student engagement platform, was compromised in a ClickFix attack that used a fake CAPTCHA prompt to trick students and instructors into installing malware on their devices. iClicker is a subsidiary of Macmillan and is a digital classroom tool that allows instructors to take attendance, ask live questions or surveys, and track student engagement. It…

    Read More »
  • Blog

    Fake AI video generators drop new Noodlophile infostealer malware

    Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called ‘Noodlophile,’ under the guise of generated media content. The websites use enticing names like the “Dream Machine” and are advertised on high-visibility groups on Facebook, posing as advanced AI tools that generate videos based on uploaded user files. Although the use of AI tools…

    Read More »
  • Blog

    Malicious PyPI package hides RAT malware, targets Discord devs since 2022

    A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. Named “discordpydebug,” the package was masquerading as an error logger utility for developers working on Discord bots and was downloaded over 11,000 times since it was uploaded on March 21, 2022, even though it has no description…

    Read More »