Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.
Authors of the VoidStealer Trojan uncovered yet another way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.
Malicious websites designed to rank high in Google search results for ChatGPT and Luma AI deliver the Lumma and Vidar infostealers and other malware.
Attackers target a familiar industry, law professionals, by hiding the infostealer in ads delivered via Google-based malvertising.
Popularity of the generative AI platform makes it an obvious choice for cybercriminals abusing Google-sponsored search results, according to researchers.
Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.
It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business; the tech giant says it's aware of the issue and is working quickly to address the problem.
Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar.
The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.
The novel malware targets Spanish-speaking users via malicious Google Drive links, and taps a popular C++ library to evade detection.
Microsoft, OpenAI, Google, Meta genAI models could be convinced to ditch their guardrails, opening the door to chatbots giving unfettered answers on building bombs, creating malware, and much more.
The dangerous Anatsa banking Trojan is among the malware being spread to Android users via decoy mobile apps in recent months.
Campaign distributes malware disguised as legitimate installers for popular workplace collaboration apps by abusing a traffic-tracking feature.
Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.
Attackers use Google redirects in their phishing attack leveraging a now-patched vulnerability that spreads the multifaceted malware.
Users have already downloaded droppers for the malware from Google's official Play store more than 100,000 times since last November.
A surging bank malware campaign abuses Google Cloud Run and targets Latin America, with indications that it's spreading to other regions, researchers warn.
Just in time for the US election season, one of the Kremlin's favorite hack-and-leak spy groups — Star Blizzard — has developed its very first custom backdoor.
A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users.
An advanced feature of Google targeted ads can allow a rarely precedented flood of malware infections, rendering machines completely useless.