A new macOS malware named ClickLock Stealer leverages social engineering and process killing to bypass the operating system’s protections and obtain valuable information from victims. Cybersecurity firm Group-IB came across ClickLock Stealer in early June, and the malware appears to have been around since at least late May. Researchers say it has targeted at least ..
Tag : malware
Microsoft, law enforcement, and several cybersecurity companies have collaborated to take down infrastructure shared by two widely used malware families: Amadey and StealC. The action, part of the long-running Operation Endgame, involved the use of AI, legal action, and the exploitation of a vulnerability in a malware control panel, and resulted in hundreds of domains ..
An initial access broker (IAB) linked to multiple ransomware families has been using a new remote access trojan (RAT) in recent attacks, Broadcom’s Symantec and Carbon Black threat hunter team reports. The threat actor, tracked as Woodgnat and KongTuke, and active since at least May 2024, is known to have ties to ransomware groups such ..
Microsoft warns of a Windows-based cryptocurrency clipper that establishes a lightweight backdoor blending data exfiltration and remote code execution (RCE) capabilities. Dubbed CryptoBandits, the malware has been used in attacks since February 2026, deploying a portable Tor client on the infected systems and routing traffic through a local SOCKS5 proxy. “The clipper in this campaign ..
Google (Google Play) Honor (HONOR App Market) OPlus (OPPO App Market) Samsung (Galaxy Store) Transsion (Palm Store) vivo (V-Appstore) Xiaomi (GetApps) Developers will also have access to new APIs to make registering as an external developer less arduous. In the coming months, Google will release an Android Developer ID Status API that will check if ..
Giu 04, 2026 Giancarlo Calzetta Attacchi, In evidenza, News, RSS, Scenario 0 Un gruppo cybercriminale di lingua cinese fino a poco tempo fa concentrato prevalentemente sul mercato asiatico sta ampliando rapidamente il proprio raggio d’azione verso Europa e Africa. Secondo le analisi pubblicate da Proofpoint, il gruppo chiamato TA4922 ha aumentato sensibilmente il volume delle ..
Per secoli si è creduto che le pestilenze viaggiassero nell’aria: un miasma, un alito corrotto che si insinuava nei polmoni senza volto né origine, e contaminava prima ancora di farsi vedere. Un’idea sbagliata sulla medicina, ma un’intuizione perfetta sul contagio. Chi ha battezzato l’ultima variante del worm Shai-Hulud lo sapeva: i repository che il malware ..
Attackers use AI to increase velocity, scale and sophistication. Just as AI is improving, so will attackers’ use of it. GreyVibe is one to watch. GreyVibe, a previously undocumented threat actor, is described by WithSecure as a Russia-nexus group. The researchers are confident in their attribution of GreyVibe to Russian-speaking operators in the Moscow time ..
The BTMOB remote access trojan (RAT) is becoming a heightened threat to Android users due to its data theft and device takeover capabilities, ESET warns. Believed to be based on the SpySolr malware, BTMOB is distributed via phishing attacks leveraging lures such as streaming, cryptocurrency mining, and other familiar services. Its developers, however, sell it ..
Mag 27, 2026 Giancarlo Calzetta Attacchi, In evidenza, News, RSS, Scenario 0 Le campagne di SEO poisoning non sono certo una novità nel panorama cybercriminale. Da decenni gli attaccanti manipolano i motori di ricerca per spingere siti malevoli tra i primi risultati, inducendo gli utenti a scaricare malware credendo di visitare pagine legittime. Ma una ..


