A new malware variant dubbed “PDFly” is abusing a heavily modified PyInstaller stub to hide its Python bytecode, forcing analysts to reverse-engineer a custom decryption routine before any meaningful analysis can begin. A closely related sample, “PDFClick,” shows almost identical…
Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive Data
A newly observed phishing campaign is abusing fake “audit/compliance confirmation” emails to target macOS users and steal highly sensitive data. The campaign uses convincing business-themed lures and malicious attachments that masquerade as Word or PDF files to trick employees into…
Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials
A sophisticated phishing campaign uses a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted platforms, benign file formats, and layered redirection techniques to successfully harvest user credentials from unsuspecting victims. The attack chain begins…
Infostealer Attacks Hit macOS, Abusing Python and Trusted Platforms
Campaigns targeting macOS users are rising sharply, while attackers also ramp up Python‑based stealers and abuse trusted platforms like WhatsApp and popular PDF utilities. These attacks focus on harvesting credentials, browser data, cloud keys, and cryptocurrency wallets, then quietly…
GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target Developers
A new GlassWorm-linked supply chain attack is abusing the Open VSX Registry, this time via a suspected compromise of a legitimate publisher’s credentials rather than typosquatted packages. The Open VSX security team assessed the activity as consistent with leaked tokens or…
Infostealer Campaigns Expand to macOS as Attackers Abuse Python and Trusted Platforms
Infostealer campaigns that once focused mainly on Windows are now expanding aggressively to macOS, using Python and trusted platforms to reach new victims. Recent attacks show a clear shift: threat actors are abusing online ads, fake apps, and familiar tools…
GlassWorm Infiltrated VSX Extensions with More than 22,000 Downloads to Attack Developers
GlassWorm has emerged as a serious threat to developers using the Open VSX Registry, where popular VSX extensions were silently turned into delivery vehicles for malware. Threat actors compromised a trusted publisher account and pushed poisoned updates that looked like…
AI-ISAC inches forward under Trump administration
The U.S. government is exploring different options for how the information-sharing organization should work, an official said. This article has been indexed from Cybersecurity Dive – Latest News. Read the original article: AI-ISAC inches forward under Trump administration
The Paramilitary ICE and CBP Units at the Center of Minnesota’s Killings
Two agents involved in the shooting deaths of US citizens in Minneapolis are reportedly part of highly militarized DHS units whose extreme tactics are generally reserved for war zones. This article has been indexed from Security Latest Read the original…
How to Verify Domain Ownership: A Technical Deep Dive
Domain ownership verification is a fundamental security mechanism that proves you control a specific domain. Whether you’re setting up email authentication, SSL certificates, or integrating third-party services, understanding domain verification methods is essential for modern web development. In this article,…
Beware of Fake Dropbox Phishing Attack that Harvest Login Credentials
Cybercriminals are launching a dangerous phishing campaign that tricks users into giving away their login credentials by impersonating Dropbox. This attack uses a multi-stage approach to bypass email security checks and content scanners. The threat actors exploit trusted cloud platforms…
National cyber director solicits industry help in fixing regulations, threat information-sharing
WASHINGTON — The U.S. government needs the business community’s help crafting the right cybersecurity strategy, President Donald Trump’s top cybersecurity official said on Tuesday. “We need input from you,” National Cyber Director Sean Cairncross said at an e… This article has…
Critical React Native Metro dev server bug under attack as researchers scream into the void
Too slow react-ion time. Baddies are exploiting a critical bug in React Native’s Metro development server to deliver malware to both Windows and Linux machines, and yet the in-the-wild attacks still haven’t received the “broad public acknowledgement” that they should,…
Homeland Security is trying to force tech companies to hand over data about Trump critics
Administrative subpoenas, which are not subject to judicial oversight, are used to demand a wealth of information from tech companies, including the owners of anonymous online accounts documenting ICE operations. This article has been indexed from Security…
Adversarial Exposure Validation for Modern Environments
What is Adversarial Exposure Validation? Adversarial Exposure Validation is a structured approach that applies attacker-style actions to confirm how your environment behaves under real pressure. Instead of stopping at detection,… The post Adversarial Exposure Validation for Modern Environments appeared first…
2026-02-03: GuLoader for AgentTesla style malware with FTP data exfiltration
This post doesn’t have text content; please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries. Read the original article: 2026-02-03: GuLoader for AgentTesla style malware with FTP data…
Microsoft SDL: Evolving security practices for an AI-powered world
Discover Microsoft’s holistic SDL for AI combining policy, research, and enablement to help leaders secure AI systems against evolving cyberthreats. The post Microsoft SDL: Evolving security practices for an AI-powered world appeared first on Microsoft Security Blog. This article has…
Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw
A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw
Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks
A new campaign by the Russian-linked group APT28, called Op Neusploit, exploits a Microsoft Office flaw to steal emails for remote control of devices in Ukraine, Slovakia, and Romania. This article has been indexed from Hackread – Cybersecurity News, Data…