Latest IntelligenceMalwarePage 10
Search by keyword →How the Story of a USB Penetration Test Went Viral
Two decades ago Dark Reading posted its first blockbuster — a story from a pen tester who sprinkled rigged thumb drives around a credit union parking lot and le...
PoC tool extracts cleartext passwords from Microsoft Edge memory
A newly released proof-of-concept (PoC) tool shows how Microsoft Edge handles saved credentials, demonstrating that passwords may be exposed in cleartext within...
Karakurt Ransomware Negotiator Sentenced to Prison
Deniss Zolotarjovs was directly involved in extortion strategies and in negotiations with victim companies. The post Karakurt Ransomware Negotiator Sentenced to...
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
A Latvian national extradited to the United States was sentenced to 8.5 years in prison for his "cold case" negotiator role in the Russian Karakurt ransomware g...
CloudZ malware hijacks Microsoft Phone Link to intercept SMS and OTPs
A new malware campaign abuses Microsoft’s Phone Link app to intercept sensitive mobile data, including one-time passwords (OTPs), without compromising the phone...
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connec...
Instagram’s to End Encrypted Chats for Direct Messages
Meta has announced that Instagram will officially discontinue its optional end-to-end encrypted direct message feature on May 8, 2026. The feature was initially...
APT37 hacks gaming platform to spread new BirdCall Android spyware
North Korean hackers compromised a gaming platform in a supply-chain attack, using trojanized Windows and Android games to deploy a previously undocumented mobi...
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform....
Beware of Fake ‘Notepad++ for Mac’ Website, Possibly Could Harm your Machine
A fake website claiming to offer an official macOS version of the popular text editor Notepad++ has been making rounds online, raising serious cybersecurity con...
Physical Cargo Theft Gets a Boost From Cybercriminals
Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain system...
Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, env...
New MicroStealer Malware Actively Attacking Telecom & Education Sectors
A new infostealer malware called MicroStealer has quietly entered the threat landscape and is already showing a worrying reach. First spotted in December 2025, ...
New xlabs_v1 Botnet Targets Minecraft Servers Through ADB-Exposed Android Devices
A newly identified botnet called xlabs_v1 has been found targeting Minecraft game servers by exploiting Android devices with the Android Debug Bridge (ADB) port...
DOJ Sentences Two Americans to Prison for ALPHV BlackCat Attacks on U.S. Victims
Two American cybersecurity professionals were sentenced to four years each in federal prison on April 30, 2026, for carrying out ransomware attacks against mult...
DigiCert Revokes Certificates After Support Portal Hack
Hackers delivered malware via a customer chat channel, infected an analyst’s system, and accessed the internal support portal. The post DigiCert Revokes Certifi...
Webinar: Why MSPs must rethink security and backup strategies
Security breaches don't just test your defenses—they test your recovery. Join Kaseya in our upcoming webinar to learn how MSPs strengthen resilience with SaaS b...
Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undoc...
DigiCert suffers breach, stolen certificates used to sign malware
DigiCert has disclosed a security incident in which attackers compromised internal support systems and abused stolen certificate issuance data to obtain valid E...
Email Bombing and Fake IT Support Calls Fuel New Microsoft Teams Phishing Attacks
A new wave of cyberattacks is targeting employees through a combination of inbox flooding and fake IT support contacts on Microsoft Teams, tricking users into h...