@GossiTheDog @xaitax if this isn't the final nail in the coffin to #BanWindows and especially #Windows11 from any #IT then IDK what else would be sufficient…
New PhantomRaven NPM attack wave steals dev data via 88 packages
Short summary: https://hackerworkspace.com/article/new-phantomraven-npm-attack-wave-steals-dev-data-via-88-packages
Meet #BeatBanker, a new Android Trojan that spreads through fake Google Play Store pages, and uses a silent audio loop to stay active while stealing cryptocurrency and banking data.
Read: https://hackread.com/beatbanker-android-trojan-silent-audio-loop-crypto/
What’s trending in cybersecurity today? Find out with the latest YouTube playlist we’ve curated. 👀 https://www.youtube.com/playlist?list=PLXqx05yil_meIYqu0IkC4FBZLVghxctJU
#Malware #Phishing #IncidentResponse #CyberAwareness #AppSec
Fake CleanMyMac website installs SHub Stealer and backdoors for cryptocurrency wallets | Malwarebytes
Pulse ID: 69b175e015961402a9e5f335
Pulse Link: https://otx.alienvault.com/pulse/69b175e015961402a9e5f335
Pulse Author: CyberHunter_NL
Created: 2026-03-11 14:02:08
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #CyberSecurity #InfoSec #Mac #MalWareBytes #Malware #OTX #OpenThreatExchange #bot #CyberHunter_NL
Russian hackers target HR departments with vicious new 'BlackSanta' malware
#Russianhackers #Malware
https://opr.news/1eedcf39260311en_us?link=1&client=ex_global
Android targeted by new BeatBanker malware disguised as a Starlink app
🔗 https://tugatech.com.pt/t79958-android-e-visado-por-novo-malware-beatbanker-disfarcado-de-aplicacao-da-starlink
Anatomy of a malware sample: dissecting the logic of a cunning piece of malware
A file named like a WhatsApp photo, a .pif extension instead of .jpg, and a perfectly clean reputation on VirusTotal. Inside are four stages of a carefully designed attack: a loader with a genuine corporate EV certificate, shellcode hidden in an icon file, a non-standard TCP handshake protocol and, in the finale, the classic Chinese backdoor PlugX/Gh0stRAT with full control over the system. In this article I walk through the whole chain using static methods on Linux, without running the malware. No virtual machine with behavioural analysis, only strings, pefile, ndisasm and Python. Where assembly code comes up, I explain what is happening in plain language. The most interesting part: the final backdoor is known and documented, but the delivery infrastructure (domain, loader, certificate) has not appeared anywhere before.
🚨 PHISHING DETECTED 🚨
🔗 Suspicious URL: forge-eth[.]io
🔍 Analysis at: https://urlscan.io/result/019cdcd7-fb41-7044-9b4d-86343d3c2cd6/
#CryptoProtection #CryptoThreats #PhishingWarning #AntiPhishing #CryptoSafety #malware
BlackSanta: the malware that attacks HR departments and "cleans out" the antivirus
🔗 https://tugatech.com.pt/t79956-blacksanta-o-malware-que-ataca-departamentos-de-rh-e-limpa-o-antivirus
A new malware campaign called #BlackSanta is targeting HR staff with fake CV download links. The attack uses steganography and vulnerable drivers to disable security tools and search infected systems for sensitive data.
Read: https://hackread.com/blacksanta-malware-hr-staff-fake-cv-downloads/
glad to hear others talking about agentic swarms. #episide #malware #infosec https://podcasts.apple.com/us/podcast/only-malware-in-the-building/id1749644761?i=1000754406134
Recruiters are being targeted with malware-laced résumés — attackers know hiring inboxes are always open. Curiosity can be a compromise vector. 📄⚠️ #Malware #RecruitmentRisk
https://www.helpnetsecurity.com/2026/03/10/hr-recruiters-malware-resume/
What’s trending in cybersecurity today? Find out with the latest YouTube playlist we’ve curated. 👀 https://www.youtube.com/playlist?list=PLXqx05yil_mfb3z5-e-s0-vKtA2wPWWOy
#Malware #Phishing #IncidentResponse #CyberAwareness #AppSec
Fake Claude Code Pages Spread Malware to Developers via Google Ads
#AI #AIAgents #ClaudeCode #Malware #Cybersecurity #Claude #Infostealer #Malvertising #Anthropic #Cybercrime
🚨 PHISHING DETECTED 🚨
🔗 Suspicious URL: www[.]bxpro[.]cloud
🔍 Analysis at: https://urlscan.io/result/019cdc76-977a-721e-80e7-55e0d2659686/
Iranian MOIS Actors & the Cyber Crime Connection
Iranian intelligence services are increasingly engaging with the cyber crime ecosystem, leveraging criminal tools, services, and operational models to support state objectives. This trend is particularly evident among actors linked to the Ministry of Intelligence and Security (MOIS), such as Void Manticore and MuddyWater. These actors are not merely imitating criminal behavior but actively associating with the cyber criminal ecosystem, using its infrastructure, malware, and affiliate-style relationships. This approach enhances their operational capabilities, complicates attribution, and contributes to confusion around Iranian threat activity. Examples include the use of ransomware branding, commercial infostealers, and overlaps with criminal malware clusters. This shift from imitation to active engagement with cyber crime offers both improved deniability and expanded technical capabilities for Iranian actors.
Pulse ID: 69b088d31d4ef8bf35564baa
Pulse Link: https://otx.alienvault.com/pulse/69b088d31d4ef8bf35564baa
Pulse Author: AlienVault
Created: 2026-03-10 21:10:43
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #InfoStealer #Iran #Malware #MuddyWater #OTX #OpenThreatExchange #RAT #RansomWare #bot #AlienVault
KadNap Malware Turning Asus Routers Into Botnets
A sophisticated new malware called KadNap has been discovered targeting Asus routers and conscripting them into a botnet for proxying malicious traffic. The malware employs a custom version of the Kademlia Distributed Hash Table protocol to conceal its command-and-control infrastructure within a peer-to-peer system, evading traditional network monitoring. The botnet, which has grown to over 14,000 infected devices, is marketed by a proxy service called Doppelganger, tailored for criminal activity. More than 60% of KadNap's victims are based in the United States. The malware demonstrates versatility by targeting various edge networking devices and employing different C2 servers for different victim types.
Pulse ID: 69b13da0db907023c1bfc480
Pulse Link: https://otx.alienvault.com/pulse/69b13da0db907023c1bfc480
Pulse Author: AlienVault
Created: 2026-03-11 10:02:07
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #Doppelganger #Edge #InfoSec #Malware #OTX #OpenThreatExchange #Proxy #RAT #UnitedStates #bot #botnet #AlienVault