VulnHub

Real-time Cybersecurity News

Articles tagged "Malware"

Found 211 articles

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

The Hacker News

Actively Exploited

This week, significant cybersecurity threats emerged as hackers exploited new 0-day vulnerabilities in Fortinet and Chrome, infiltrating supply chains and SaaS tools. The rapid response from major companies like Microsoft, Salesforce, and Google highlights the severity of these attacks and the ongoing challenges in securing trusted applications and software updates.

Impact: Fortinet, Chrome, Microsoft, Salesforce, Google

Remediation: Stopping DDoS attacks, blocking bad links, fixing live flaws

Exploit Malware DDoS

3 months ago

To buy or not to buy: How cybercriminals capitalize on Black Friday

Securelist

Cybercriminals intensify their activities during Black Friday, utilizing tactics such as phishing, scams, and malware to exploit online shoppers and gamers. The severity of these threats underscores the importance of vigilance among consumers, as fake sales and malicious activities proliferate during this shopping season.

Impact: Online shoppers, gamers, and potentially any consumer engaging in Black Friday sales.

Remediation: Consumers should remain vigilant against phishing attempts, verify the authenticity of sales, and use security software to protect against malware.

Phishing Exploit Malware

3 months ago

Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications

All CISA Advisories

Actively Exploited

CISA has identified that various cyber threat actors are using commercial spyware to target users of mobile messaging applications, employing tactics such as phishing, zero-click exploits, and impersonation. The focus is primarily on high-value individuals including government and military officials, indicating a serious threat to sensitive communications.

Impact: Mobile messaging applications including Signal and WhatsApp.

Remediation: Users are encouraged to review the updated Mobile Communications Best Practice Guidance and Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society for steps to protect mobile communications and messaging apps.

macOS iOS Android Phishing Exploit Update+1 more

3 months ago

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

The Hacker News

Actively Exploited

The ShadowPad malware is exploiting a recently patched vulnerability in Microsoft Windows Server Update Services (WSUS), identified as CVE-2025-59287, allowing attackers to gain full system access. This exploitation highlights the critical need for organizations to promptly apply security updates to vulnerable systems to prevent unauthorized access.

Impact: Microsoft Windows Server Update Services (WSUS) on Windows Servers.

Remediation: Organizations should apply the latest security patches provided by Microsoft for CVE-2025-59287 to mitigate the vulnerability. Additionally, it is recommended to review and secure WSUS configurations and monitor for any unauthorized access attempts.

Windows CVE Vulnerability Update Malware Critical

3 months ago

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks

SecurityWeek

Chinese cyberspies, identified as APT24, are using supply chain attacks to deploy a malware known as 'BadAudio'. This poses a significant threat as it allows for the installation of additional malicious payloads, highlighting the growing sophistication of cyber espionage tactics.

Impact: N/A

Remediation: N/A

3 months ago

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

The Hacker News

Actively Exploited

APT24, a China-nexus threat actor, has been deploying a new malware called BADAUDIO to maintain persistent access to compromised networks over a nearly three-year espionage campaign. This shift to more sophisticated attack vectors poses significant risks to targeted entities, particularly in Taiwan and over 1,000 domains.

Impact: N/A

Remediation: N/A

3 months ago

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

The Hacker News

Actively Exploited

The Tsundere botnet, targeting Windows users, is expanding and capable of executing arbitrary JavaScript code from a command-and-control server. This poses a significant threat to users, as the botnet's propagation methods remain unclear, indicating a potential for widespread exploitation.

Impact: Windows users

Remediation: N/A

Windows Malware Botnet

3 months ago

New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages

SecurityWeek

The newly identified Sturnus Banking Trojan is currently under development and primarily targets messaging applications like WhatsApp, Telegram, and Signal, with a focus on users in Europe. This poses a significant risk to user privacy and security as it aims to exploit sensitive communications.

Impact: WhatsApp, Telegram, Signal

Remediation: N/A

Android Exploit Malware Trojan

3 months ago

WhatsApp 'Eternidade' Trojan Self-Propagates Through Brazil

darkreading

Actively Exploited

The 'Eternidade' Trojan is a sophisticated infostealer targeting Brazilian Portuguese speakers, designed to phish banking credentials and steal sensitive data. Its self-propagating nature and unique features tailored for Brazilian users pose significant cybersecurity threats across the region.

Impact: WhatsApp, Brazilian Portuguese-speaking users

Remediation: Users should avoid clicking on suspicious links and ensure their devices have updated security software. Regularly monitor banking activities for unauthorized transactions.

Malware Trojan Phishing

3 months ago

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

The Hacker News

This week has highlighted a surge in cybersecurity incidents, including arrests of hackers and the increasing sophistication of espionage activities. The use of everyday technology, such as browser add-ons and IoT devices, for malicious purposes underscores the evolving nature of online threats.

Impact: N/A

Remediation: N/A

3 months ago

New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices

The Hacker News

The Sturnus Android banking trojan poses a significant threat by enabling credential theft and complete device takeover for financial fraud. Its unique capability to bypass encrypted messaging by capturing decrypted content directly from the device screen raises serious concerns about user privacy and security.

Impact: Android devices

Remediation: Users should ensure their devices are updated with the latest security patches, avoid downloading unverified apps, and consider using additional security measures such as two-factor authentication.

Android Trojan Malware

3 months ago

Blockchain and Node.js abused by Tsundere: an emerging botnet

Securelist

Actively Exploited

Kaspersky GReAT experts have identified the Tsundere botnet, which utilizes Node.js-based bots to exploit web3 smart contracts. The campaign poses a significant cybersecurity threat as it spreads through MSI installers and PowerShell scripts, indicating a sophisticated method of propagation.

Impact: Node.js, web3 smart contracts, MSI installers, PowerShell scripts

Remediation: Implement security measures to monitor and restrict the use of MSI installers and PowerShell scripts. Regularly update and patch Node.js environments and web3 applications.

Exploit Botnet Malware

3 months ago

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

The Hacker News

Actively Exploited

The TamperedChef malware campaign exploits fake software installers to distribute JavaScript malware, enabling remote access and control of infected systems. This ongoing global threat poses significant risks to users who may unknowingly install these malicious applications.

Impact: N/A

Remediation: Users should avoid downloading software from unverified sources and ensure that their security software is up to date to detect and block malicious installations.

3 months ago

CISA Releases Guide to Mitigate Risks from Bulletproof Hosting Providers

All CISA Advisories

The Cybersecurity and Infrastructure Security Agency (CISA) has released a guide to help Internet Service Providers (ISPs) mitigate risks associated with Bulletproof Hosting (BPH) providers that facilitate cybercriminal activities like ransomware and phishing. The guide emphasizes the importance of collaboration and proactive measures to reduce the effectiveness of BPH infrastructure, which poses significant threats to critical systems and services.

Impact: Bulletproof Hosting providers, cybercriminal activities including ransomware, phishing, malware delivery, denial-of-service attacks.

Remediation: Curate malicious resource lists, implement filters to block malicious traffic, analyze network traffic for anomalies, use logging systems to track ASNs and IP addresses, share intelligence with public and private entities, notify customers about malicious resources, provide premade filters, set accountability standards, and vet customers to prevent BPH abuse.

Ransomware Phishing Malware Critical

3 months ago

IT threat evolution in Q3 2025. Non-mobile statistics

Securelist

The report highlights the evolving landscape of IT threats in Q3 2025, focusing on malware targeting Windows and macOS personal computers, as well as IoT devices. This indicates a growing severity of cyber threats that could have significant implications for users and organizations relying on these systems.

Impact: Windows personal computers, macOS personal computers, Internet of Things (IoT) devices

Remediation: N/A

Windows macOS Malware

3 months ago

PreviousPage 14 of 15Next