Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A significant security vulnerability has been identified in the W3 Total Cache plugin for WordPress, affecting all versions up to and including 2.8.1. This critical flaw cataloged as CVE-2024-12365, has a CVSS score of 8.5, categorizing it as a high-severity…

Read more →

A critical vulnerability has been identified in Veeam Backup for Microsoft Azure, specifically referenced as CVE-2025-23082. Discovered during internal testing, this security flaw could allow an attacker to exploit Server-Side Request Forgery (SSRF) vulnerabilities to send unauthorized requests originating from…

Read more →

Microsoft issued a critical security patch addressing a newly discovered vulnerability in Outlook, designated as CVE-2025-21298. This flaw, characterized as a zero-click remote code execution (RCE) vulnerability, poses a significant risk to users by potentially allowing attackers to execute arbitrary…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has released the “Microsoft Expanded Cloud Logs Implementation Playbook.” This guide is geared towards enabling organizations to effectively utilize the new logging capabilities introduced in Microsoft Purview Audit (Standard), enhancing their ability to…

Read more →

Apple Inc. has officially opened applications for its highly anticipated Information Security Internship, aimed at students eager to dive into the dynamic world of cybersecurity. This opportunity is ideal for aspiring professionals looking to enhance their skills within one of…

Read more →

A critical zero-day vulnerability in Fortinet’s FortiOS and FortiProxy products is being actively exploited by hackers to gain super-admin privileges on affected devices. The authentication bypass flaw, tracked as CVE-2024-55591, allows remote attackers to execute unauthorized code or commands via…

Read more →

SAP has released its January 2025 Security Patch Day updates, addressing 14 new vulnerabilities, including two critical flaws in SAP NetWeaver that could allow attackers to gain unauthorized access to affected systems. The most severe vulnerability, CVE-2025-0070, is an improper…

Read more →

Microsoft’s January 2025 Patch Tuesday has arrived with a significant security update, addressing a total of 159 vulnerabilities. This marks the largest number of CVEs addressed in a single month since at least 2017, more than doubling the usual amount…

Read more →

Quantum computing is set to revolutionize technology, but it also presents a significant security risk for financial institutions. Czech cybersecurity startup Wultra has raised €3 million from Tensor Ventures, Elevator Ventures, and J&T Ventures to accelerate the development of its…

Read more →

Google has released a significant security update for its Chrome browser, addressing 16 vulnerabilities in version 132.0.6834.83/84 for Windows, Mac, and Linux platforms. This update, which will be rolled out over the coming days and weeks. While this security update…

Read more →

Are you trying to decide between public and private cloud solutions for your business? It’s not always easy to figure out which option is the best. Both have unique benefits, and your choice can significantly impact your business. This article…

Read more →

Zoom Video Communications has released a critical security update addressing multiple vulnerabilities in its suite of applications, including a high-severity flaw that could allow attackers to escalate privileges. The company urges users to update their software immediately to mitigate potential…

Read more →

A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the public internet. The attacks, observed by Arctic Wolf between November and December 2024, exploit what is believed to be a zero-day vulnerability, allowing unauthorized access and…

Read more →

A critical flaw in Google’s “Sign in with Google” authentication system has left millions of Americans vulnerable to potential data theft. This vulnerability mainly affects former employees of startups, especially those that have ceased operations. According to Truffle Security, the…

Read more →

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known as CVE-2024-44243, this vulnerability could be exploited to load third-party kernel extensions, resulting in severe security implications for macOS users.…

Read more →

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new step-by-step guide designed to help organizations select and deploy secure operational technology (OT) products. The guide, titled “Secure by Demand:…

Read more →

Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that is impacting some Microsoft 365 (M365) users. The problem, which surfaced earlier today, is preventing affected users from accessing certain M365 applications, raising concerns for businesses…

Read more →

Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs that closely resemble legitimate O365 domains, creating a high degree of trust with unsuspecting victims.  The attackers leverage social engineering tactics, often claiming imminent password expiration,…

Read more →

Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers used scheduled tasks to execute pcalua.exe to run malicious binaries and Python scripts, including the RPivot client.py script to connect to a remote server.  Evidence suggests…

Read more →

A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498. This vulnerability poses a significant security risk by allowing malicious applications to bypass the macOS Sandbox, a key security feature designed to isolate…

Read more →

A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential data breaches. The vulnerability, tracked as CVE-2024-51456, could allow remote attackers to exploit cryptographic weaknesses and access sensitive information. IBM has released a security bulletin detailing the…

Read more →

The education and publishing giant Scholastic has fallen victim to a significant data breach affecting approximately 8 million people. The breach, which has been attributed to a self-proclaimed “furry” hacker going by the alias “Parasocial,” was first reported by the…

Read more →

Malware actors leverage popular platforms like YouTube and social media to distribute fake installers. Reputable file hosting services are abused to host malware and make detection challenging.  Password protection and encoding techniques further complicate analysis and evade early sandbox detection.…

Read more →

Researchers analyzed a new stealthy credit card skimmer that targets WordPress checkout pages by injecting malicious JavaScript into the WordPress database.  On checkout pages, the malware is designed to steal credit card information from users who are visiting those pages.…

Read more →

The education and publishing giant Scholastic has fallen victim to a significant data breach affecting approximately 8 million people. The breach, which has been attributed to a self-proclaimed “furry” hacker going by the alias “Parasocial,” was first reported by the…

Read more →

A recently disclosed vulnerability, identified as CVE-2024-49785, has been found in IBM watsonx.ai, including its integration with IBM Cloud Pak for Data. This vulnerability exposes users to cross-site scripting (XSS) attacks, potentially compromising sensitive information. IBM Watsonx.ai Vulnerability The issue arises from improper…

Read more →

Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed “LDAPNightmare”).  These malicious PoCs, often disguised as tools to demonstrate the vulnerability’s impact, are designed to trick security researchers and system…

Read more →

The QSC Loader service DLL named “loader.dll” leverages two distinct methods to obtain the path to the Core module code. It either extracts the path from the system directory “drivers\msnet” or reads and deletes a 256-byte path string from the…

Read more →

Fraudsters in the Middle East are exploiting a vulnerability in the government services portal. By impersonating government officials, they target individuals who have filed commercial complaints.  Using Remote Access Software, the fraudsters can then steal credit card information and conduct…

Read more →

A NonEuclid sophisticated C# Remote Access Trojan (RAT) designed for the.NET Framework 4.8 has been shown to pose a significant and ever-evolving cyber threat.  The malware leverages a multifaceted approach to evade detection and maintain persistence, employing advanced techniques such…

Read more →

Juniper Networks has disclosed a significant vulnerability affecting its Junos OS and Junos OS Evolved platforms. Identified as CVE-2025-21598, this flaw allows unauthenticated remote attackers to exploit a critical out-of-bounds read vulnerability in the routing protocol daemon (rpd). The vulnerability…

Read more →

CrowdStrike, a leader in cybersecurity, uncovered a sophisticated phishing campaign that leverages its recruitment branding to propagate malware disguised as an “employee CRM application.” This alarming attack vector begins with a fraudulent email impersonating CrowdStrike’s hiring team, coaxing recipients into…

Read more →

Apple Inc. says its commitment to user privacy, emphasizing that its products, such as the digital assistant Siri, are designed to safeguard personal data from the very beginning and not used for any advertising purpose. “Apple has never used Siri…

Read more →

Walker County Schools has reported that unauthorized access to personal data belonging to students and educators was achieved through the company’s student information system vendor, PowerSchool. Superintendent Damon Raines informed the community about the breach following an email notification from…

Read more →

The International Civil Aviation Organization (ICAO), a United Nations agency responsible for coordinating global aviation standards, has reported a significant information security incident that has exposed the personal data of approximately 42,000 applicants.  The agency is actively investigating the breach,…

Read more →

A new and sophisticated phishing scam has been uncovered, leveraging Microsoft 365 domains to trick users into compromising their PayPal accounts. The attack exploits legitimate-looking sender addresses and URLs, making it harder for victims to recognize the phishing attempt. Security…

Read more →

The malicious Southeast Asian APT group known as OceanLotus (APT32) has been implicated in a sophisticated attack that compromises the privacy of cybersecurity professionals. A recent investigation by the ThreatBook Research and Response Team revealed that a popular privilege escalation…

Read more →

The Green Bay Packers, Inc. has confirmed that its online merchandise store was hacked, leading to the theft of credit card data from over 8,500 customers. The incident, which occurred on September 23, 2024, was discovered nearly three months later…

Read more →

A Data Leak Site (DLS) belonging to a new extortion group named Morpheus, which has stolen data from Arrotex Pharmaceuticals (Australia) on December 12th and PUS GmbH (Germany) on December 20th.  Morpheus offers stolen data for sale on the DLS,…

Read more →

Malicious packages “solanacore,” “solana login,” and “walletcore-gen” on npmjs target Solana developers with Windows trojans and malware for keylogging and data exfiltration via Slack webhooks and ImgBB APIs. These recently discovered crypto-stealers exhibit unusual transparency, openly revealing their malicious intent…

Read more →

is this website safe? In this digital world, Check a website is safe is the most critical concern since there are countless malicious websites available everywhere over the Internet, and it is tough to find a trustworthy website.  We need…

Read more →

GitLab has announced the release of critical updates to its Community Edition (CE) and Enterprise Edition (EE), specifically versions 17.7.1, 17.6.3, and 17.5.5. These updates are essential for maintaining security and stability across all self-managed GitLab installations and should be…

Read more →

A series of serious vulnerabilities have been identified in Palo Alto Networks’ Expedition migration tool, which could allow attackers to gain unauthorized access to sensitive data, including cleartext passwords and device configurations. The vulnerabilities, detailed in multiple Common Vulnerabilities and…

Read more →

The Wireshark development team announced the release of Wireshark version 4.4.3, a critical update that brings several bug fixes and enhancements to this widely used network protocol analyzer. Renowned for its ability to troubleshoot, analyze, and educate users about network…

Read more →

Ivanti released a critical security advisory addressing vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateways products. This advisory reveals the existence of two significant vulnerabilities, CVE-2025-0282 and CVE-2025-0283, which have been exploited in the wild, necessitating immediate action…

Read more →

Researchers observed the Gayfemboy botnet in early 2024 as a basic Mirai variant. Still, the botnet rapidly evolved through iterative development, including UPX polymorphic packing, integrating N-day vulnerabilities, and ultimately leveraging a 0-day vulnerability in Four-Faith industrial routers.  By November…

Read more →

Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting cyber espionage operations.  It employs advanced malware, spearphishing, and social engineering tactics to infiltrate target networks and exfiltrate sensitive data,…

Read more →

Gravy Analytics, a prominent player in location intelligence, has reportedly fallen victim to a significant cyberattack. Initial investigations suggest that hackers have exfiltrated sensitive data, raising concerns over consumer privacy and data security. Founded to enhance business decision-making through location-based…

Read more →

Google has released an update for its Chrome web browser, advancing to version 131.0.6778.264/.265 for Windows and Mac, and 131.0.6778.264 for Linux. This update addresses a series of critical security vulnerabilities and will be rolled out gradually over the coming…

Read more →

The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred. Both groups now leverage similar tactics, techniques, and procedures (TTP) in their cyber operations, resulting in a complex landscape where motivations and objectives often intersect. This article delves…

Read more →

Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit against T-Mobile for its alleged failure to secure sensitive personal information of over 2 million residents. This lawsuit comes in the wake of a massive data breach that exposed…

Read more →

A recent investigation revealed that the Akira and Fog ransomware groups are actively exploiting the SonicWall NSA vulnerability (CVE-2024-40766) to compromise organizations.  As of December 23, 2024, over 100 companies are suspected to have been victimized by these groups through…

Read more →

A browser extension named PRIVESHIELD automatically creates isolated profiles to group websites based on browsing history and user interaction, which disrupts cross-website tracking practices by preventing cookie-matching methods used for targeted advertising.  The evaluation results show that PRIVESHIELD is more…

Read more →

Stalwart is an innovative open-source mail server solution that supports JMAP, IMAP4, POP3, and SMTP, offering a comprehensive suite of features designed for security, performance, and scalability. Built with Rust, Stalwart stands out for its modern architecture that emphasizes safety…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of critical vulnerabilities in various software, particularly spotlighting an unspecified vulnerability in Oracle WebLogic Server. This announcement comes as part of CISA’s efforts to enhance…

Read more →

In an age where digital footprints can be traced with just a few clicks, surveillance technology has become a double-edged sword. While it can enhance security and improve services, it also poses significant privacy concerns. One of the most formidable…

Read more →

Researchers discovered critical BIOS/UEFI vulnerabilities in the Illumina iSeq 100 DNA sequencer, where the device utilizes an outdated firmware implementation with CSM mode lacking essential security features like Secure Boot and firmware write protections.   The vulnerability window allows attackers to…

Read more →

Researchers observed a URL attempts to exploit a server-side vulnerability by executing multiple commands through PHP’s system() function. It downloads a malicious executable from a remote server, executes it locally, and attempts to download the same executable using wget while…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of critical vulnerabilities in various software, particularly spotlighting an unspecified vulnerability in Oracle WebLogic Server. This announcement comes as part of CISA’s efforts to enhance…

Read more →

Casio Computer Co., Ltd. has confirmed a significant cybersecurity breach after its servers were targeted in a sophisticated ransomware attack. The incident, which occurred on October 5, prompted an immediate forensic investigation involving external security specialists. Casio deeply regrets any…

Read more →

Cybercriminals have developed PhishWP, a malicious WordPress plugin, to facilitate sophisticated phishing attacks, which enable attackers to create convincing replicas of legitimate payment gateways, such as Stripe, on compromised or fraudulent WordPress websites.  By seamlessly integrating with Telegram, PhishWP facilitates…

Read more →

Over the past year, malicious actors have been abusing OAST services for data exfiltration, C2 channel establishment, and multi-stage attacks by leveraging compromised JavaScript, Python, and Ruby packages. OAST tools, initially designed for ethical researchers to perform network interactions, can…

Read more →

FireScam is multi-stage malware disguised as a fake “Telegram Premium” app that steals data and maintains persistence on compromised devices and leverages phishing websites to distribute its payload and infiltrate Android devices.   It is Android malware disguised as a fake…

Read more →

The Kaspersky researchers investigation into the EAGERBEE backdoor revealed its deployment within Middle Eastern ISPs and government entities of novel components, including a service injector that injects the backdoor into running services.  Post-installation, EAGERBEE deploys plugins with diverse functionalities as…

Read more →

A phishing campaign spoofing the United States Social Security Administration emerged in September 2024, delivering emails with embedded links to a ConnectWise Remote Access Trojan (RAT) installer.  These emails, disguised as updated benefits statements, employed various techniques, including mismatched links…

Read more →

The January 2025 Android Security Bulletin has issued important updates regarding critical vulnerabilities that affect Android devices. Users are urged to ensure their devices are updated to the latest security patch level, which as per the bulletin, should be 2025-01-05…

Read more →

India has unveiled its draft Digital Personal Data Protection Rules, designed to operationalize the Digital Personal Data Protection Act, 2023 (DPDP Act). As the nation strides forward in the digital age, these rules are pivotal in creating a framework that…

Read more →

Hackers have successfully infiltrated Argentina’s Airport Security Police (PSA) payroll system, raising alarms about the safety of sensitive personnel information. This incident has revealed significant vulnerabilities in employee data management, as attackers accessed confidential salary records and tampered with pay…

Read more →

Cybercrimes have always existed as a result of internet usage in our society. Traversing the wide web, hackers are trying to exploit any nooks and crannies in the system. While many new types of crimes are arising on the internet,…

Read more →

An alarming new development emerged in the cybersecurity landscape with the release of a proof-of-concept (PoC) exploit targeting the critical vulnerability identified as CVE-2024-6387. This vulnerability, discovered by researchers at Qualys, allows remote unauthenticated attackers to execute arbitrary code on…

Read more →

The popular cookie management extension EditThisCookie has been the target of a malicious impersonation. Originally a trusted tool for Chrome users, EditThisCookie allowed users to manage cookie data in their browsers. However, after significant scrutiny, the legitimate version has been…

Read more →

A critical vulnerability has been identified in the popular UpdraftPlus: WP Backup & Migration Plugin, potentially impacting over 3 million WordPress websites. This security flaw allows unauthenticated attackers to exploit a PHP Object Injection vulnerability through deserialization of untrusted input.…

Read more →

A recent blog post by developer Jeff Johnson has brought to light a new feature in Apple’s Photos app within the recently launched iOS 18. Titled “Enhanced Visual Search,” this toggle permits iPhones to transmit photo data to Apple by…

Read more →

BARWM, a novel backdoor attack approach for real-world deep learning (DL) models deployed on mobile devices. Existing backdoor attacks often suffer from limitations such as altering the model structure or relying on easily detectable, sample-agnostic triggers.  By utilizing DNN-based steganography…

Read more →

An attacker with physical access can abruptly restart the device and dump RAM, as analysis of this memory may reveal FVEK keys from recently running Windows instances, compromising data encryption.  The effectiveness of this attack is, however, limited because the…

Read more →

The Python script leverages low-level interactions with the Windows operating system, which imports crucial libraries like `System.Reflection`, `ctypes`, and `wintypes`, enabling it to directly invoke Windows APIs.  It allows the script to manipulate system behavior at a fundamental level, potentially…

Read more →

The researcher proposes a game-theoretic approach to analyze the interaction between the model defender and attacker in trigger-based black-box model watermarking.  They design payoff functions for both players and determine the optimal strategies for each player, which provides a theoretical…

Read more →

Garak is a free, open-source tool specifically designed to test the robustness and reliability of Large Language Models (LLMs). Inspired by utilities like Nmap or Metasploit, Garak identifies potential weak points in LLMs by probing for issues such as hallucinations,…

Read more →

Attackers published 20 malicious npm packages impersonating legitimate Nomic Foundation and Hardhat plugins, where these packages, downloaded over 1,000 times, compromised development environments and potentially backdoored production systems and resulted in financial losses. They are utilizing Ethereum smart contracts, such…

Read more →

Tenable Holdings, Inc. has confirmed the passing of its esteemed Chairman and Chief Executive Officer, Amit Yoran, who succumbed to cancer on January 3, 2025. Yoran, aged 54, was a distinguished figure in the cybersecurity realm, known for his visionary…

Read more →

Researchers have released a proof of concept (PoC) exploit for a critical privilege escalation vulnerability affecting Microsoft Windows. This vulnerability, CVE-2024-43452, allows attackers to gain elevated privileges on a compromised system, potentially leading to unchecked access to sensitive data and…

Read more →

Within today’s fast-changing global society, effective training is vital for personal and professional success. However, traditional methods often do not provide enough flexibility or personalization options. In light of this, learning experience platforms (LXPs) have revolutionized how organizations and individuals…

Read more →

Tenable Holdings, Inc. has announced with profound sadness the unexpected passing of its Chairman and Chief Executive Officer, Amit Yoran, who succumbed to a battle with cancer on January 5, 2025. A visionary leader, Yoran was a pioneer in the…

Read more →

Cybersecurity experts have uncovered a new wave of cyberattacks linked to North Korean threat actors targeting cryptocurrency wallets in an operation dubbed the “Contagious Interview” campaign. The attackers employ sophisticated phishing tactics under the guise of job interviews, exploiting platforms…

Read more →

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome extensions, which can manipulate emails, track browsing, and even transform infected browsers into proxies for attackers, enabling them to browse the web with the victim’s credentials.…

Read more →

Security researchers have observed consistent activity from a threat actor dubbed “EC2 Grouper,” which is responsible for numerous cloud compromises and exhibits a distinct modus operandi.  EC2 Grouper consistently employs specific user agents and adheres to a unique security group…

Read more →

In a recent security advisory, ASUS has alerted users to critical vulnerabilities affecting several of its router models.  These flaws, tracked as CVE-2024-12912 and CVE-2024-13062, pose severe risks by allowing attackers to execute arbitrary commands on compromised devices. ASUS has advised users to…

Read more →

Apple Inc. has agreed to pay $95 million to settle a proposed class-action lawsuit alleging that its Siri voice assistant infringed on users’ privacy by recording private conversations without their consent. The preliminary settlement, filed in federal court in Oakland,…

Read more →

NTT Docomo, one of Japan’s leading telecommunications and IT service providers, experienced a massive disruption on January 2, 2025, after a Distributed Denial of Service (DDoS) attack targeted its network infrastructure. The attack resulted in widespread service irregularities affecting customers…

Read more →

 A critical vulnerability discovered in the popular macOS terminal emulator iTerm2 has raised concerns among cybersecurity experts and software users. The flaw, which could allow malicious attackers to access sensitive user data, underscores the importance of timely updates and vigilant…

Read more →

PLAYFULGHOST, a Gh0st RAT variant, leverages distinct traffic patterns and encryption, which spread via phishing emails and SEO poisoning of bundled applications, enabling keylogging, screen capture, and other malicious remote access capabilities. A phishing campaign employed a .jpg file as…

Read more →

The CVE-2024-49112 vulnerability in Windows LDAP allows remote code execution on unpatched Domain Controllers, as a zero-click exploit leverages this by crafting malicious LDAP requests, which, sent without any user interaction, exploit a memory corruption vulnerability within the LDAP service. …

Read more →

A cybersecurity researcher has demonstrated a method to bypass BitLocker encryption on Windows 11 (version 24H2) by extracting full volume encryption keys (FVEK) from memory. Using a custom-built tool named Memory-Dump-UEFI, the researcher was able to retrieve sensitive cryptographic keys to…

Read more →

The Tycoon 2FA platform is a Phishing-as-a-Service (PhaaS) tool that enables cybercriminals to easily launch sophisticated phishing attacks targeting two-factor authentication (2FA).  It provides a service that simplifies the process for attackers. and offers an intuitive interface, allowing for the…

Read more →

SmuggleShield, a recently launched browser extension, is gaining attention in the cybersecurity space for its innovative approach to mitigating HTML smuggling attacks. With its stable version (2.0) now available, SmuggleShield provides an additional layer of protection for everyday internet users,…

Read more →

Cloud security researchers have uncovered alarming trends in identity compromises within Amazon Web Services (AWS) environments. Among the most prolific threat actors is a group dubbed “EC2 Grouper,” known for exploiting compromised credentials to carry out sophisticated attacks using AWS…

Read more →

Trend Micro has addressed six high-severity vulnerabilities in its Apex One and Apex One as a Service product, which could allow attackers to escalate privileges on affected Windows systems. These vulnerabilities were disclosed under the Common Vulnerabilities and Exposures (CVE) system and have been…

Read more →

A 20-year-old U.S. Army soldier, Cameron John Wagenius, has been arrested and indicted by federal authorities for allegedly selling confidential customer call records stolen from major telecommunications companies AT&T and Verizon. Known online as “Kiberphant0m,” Wagenius was apprehended near an…

Read more →

D-Link warned users of several legacy router models about known vulnerabilities actively exploited by botnets. These devices, which have reached End-of-Life (EOL) and End-of-Service (EOS), are at heightened risk of being targeted by malware strains known as “Ficora” and “Capsaicin.”…

Read more →

Researchers recently discovered a malicious campaign targeting Ukrainian military personnel through fake “Army+” application websites, which host a malicious installer that, upon execution, extracts the legitimate application alongside the Tor browser.  The installer includes a PowerShell script that indicates the…

Read more →