Latest IntelligenceMalwarePage 13
Search by keyword →
Microsoft Confirms Remote Desktop Warnings May Display Incorrectly After April Update
Microsoft has officially acknowledged a known issue in its April 2026 Windows 11 cumulative update: Remote Desktop Protocol (RDP) security warning dialogs may r...
Microsoft Confirms Remote Desktop Warnings May Display Incorrectly After April 2026 Security Update
Microsoft has officially acknowledged a known issue in its April 2026 Windows 11 cumulative update: Remote Desktop Protocol (RDP) security warning dialogs may r...
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating malware....
Alleged Chinese State Hacker Extradited to US
A member of Silk Typhoon, Xu Zewei is accused of launching cyberattacks against universities in the US. The post Alleged Chinese State Hacker Extradited to US a...
Inside an OPSEC Playbook: How Threat Actors Evade Detection
Threat actors are now publishing structured OPSEC playbooks to stay undetected. Flare reveals how these guides outline layered infrastructure, identity separati...
Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
Over 70 cloned Open VSX extensions are likely sleeper extensions designed to distribute malware. The post Dozens of Open VSX Extension Clones Linked to GlassWor...
New Sandworm Tradecraft Uses SSH-over-Tor Tunnel for Long-Term Hidden Persistence
A state-sponsored threat group, Sandworm (also tracked as APT-C-13 and FROZENBARENTS), has launched a targeted cyberattack campaign using a combined SSH and Tor...
Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials
Federal prosecutors have been conducting a preliminary investigation since mid-February 2026 into alleged cyberattacks on Signal accounts. The post Germany Susp...
Payouts King ransomware uses QEMU VMs to bypass endpoint security
The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint secur...
Critical MCP Integration Flaw Puts NGINX at Risk
Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files....
Mozilla says Claude’s Mythos AI helped uncover 271 flaws in Firefox
Mozilla says it has fixed 271 previously unknown security vulnerabilities in Firefox 150 after testing an experimental AI model from Anthropic, marking a dramat...
PyPI package with 1.1M monthly downloads hacked to push infostealer
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency w...
Fake Proton VPN sites are pushing NWHStealer malware to Windows users
A newly uncovered malware campaign is leveraging fake Proton VPN websites, alongside gaming mods and utility tools, to distribute a Windows infostealer known as...
Trigona ransomware attacks use custom exfiltration tool to steal data
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. [......
Grinex exchange blames "Western intelligence" for $13.7M crypto hack
Kyrgyzstan-based cryptocurrency exchange Grinex has suspended its operations after suffering a $13.7 million hack attributed to Western intelligence agencies. [...
Spain dismantles major $4.7M manga piracy platform, arrests four
The Spanish police have dismantled the largest Spanish-language manga piracy platform, operating since 2014, with millions of monthly users from around the glob...
Medtronic confirms breach after hackers claim 9 million records theft
Medical device giant Medtronic disclosed last week that hackers breached its network and accessed data in "certain corporate IT systems." [...]...
Alleged Silk Typhoon hacker extradited to US for cyberespionage
A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to fa...
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a browser extension, a tunneler, and...
New Lotus data wiper used against Venezuelan energy, utility firms
A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela. [...]...