Articles tagged "Google"

Found 117 articles

Researchers have identified a campaign dubbed 'Zoom Stealer' that targets users of popular web browsers, specifically Chrome, Firefox, and Microsoft Edge. This attack has already impacted around 2.2 million users through 18 malicious browser extensions. These extensions are designed to gather sensitive information related to online meetings, including URLs, IDs, topics, descriptions, and even embedded passwords. The implications of this data theft are significant, as it can lead to unauthorized access to corporate meetings and sensitive discussions. Companies using these browsers should be vigilant and consider removing any unverified extensions to protect their data.

Read Original
Actively Exploited

Users of the Trust Wallet Chrome extension have reported significant cryptocurrency losses after a malicious update was released on December 24. This compromised update allowed attackers to drain wallets, leading to millions in losses for affected individuals. In conjunction with this incident, researchers discovered a phishing domain set up by the hackers, further indicating a coordinated effort to exploit Trust Wallet users. The company has responded urgently, advising users to take precautions and remain vigilant to avoid further losses. This incident serves as a stark reminder of the risks associated with browser extensions and the importance of ensuring that software updates are legitimate and secure.

Read Original
Actively Exploited

Two malicious Chrome extensions called 'Phantom Shuttle' have been discovered in the Chrome Web Store, masquerading as tools for a proxy service. These extensions are designed to hijack user traffic and steal sensitive information, including login credentials. Users who have installed these extensions are at risk of having their personal data compromised. This incident serves as a reminder for users to be cautious when downloading browser extensions and to regularly review their installed plugins. Google has a responsibility to monitor the extensions available in its store to protect users from such threats.

Read Original

The Kimwolf Android botnet has been discovered infecting over 1.8 million devices, according to security researchers at XLab. This botnet, which is linked to the previously identified Aisuru botnet, has been responsible for sending more than 1.7 billion commands for Distributed Denial of Service (DDoS) attacks. The scale of these attacks is significant, raising concerns about the potential for disruption to various online services. The fact that millions of devices are compromised highlights the ongoing vulnerability of Android systems to malware. Users should be cautious and consider securing their devices to prevent further infections and attacks.

Read Original

A new botnet named Kimwolf has compromised around 1.8 million Android-based devices, including TVs, set-top boxes, and tablets. Researchers from QiAnXin XLab report that this botnet may be linked to another one known as AISURU. Kimwolf is built using the Native Development Kit (NDK), which allows attackers to control these devices and use them for large-scale distributed denial-of-service (DDoS) attacks. This incident raises concerns about the security of smart devices, as many consumers may not realize their equipment can be hijacked in this way. Users of affected devices should be vigilant and consider measures to secure their systems against such threats.

Read Original
Actively Exploited

Google's threat intelligence team has identified five additional Chinese hacking groups involved in exploiting the React2Shell vulnerability, which allows for remote code execution. This vulnerability is considered highly severe, making it a significant risk for affected systems. The groups are believed to be using this exploit to target various organizations, potentially compromising sensitive data and disrupting operations. The identification of these groups emphasizes the ongoing threat posed by state-sponsored hackers and the need for organizations to bolster their defenses against such attacks. Companies that utilize affected software should take immediate action to mitigate risks associated with this vulnerability.

Read Original

Apple has released security updates to address two vulnerabilities in WebKit, identified as CVE-2025-14174 and CVE-2025-43529, which are currently being exploited in the wild. The first vulnerability, CVE-2025-14174, was previously patched by Google for its Chrome desktop browser, but details were limited at that time. This flaw allows for out-of-bounds memory access, potentially enabling attackers to execute arbitrary code. Users of Apple devices, particularly those running Safari or any applications reliant on WebKit, should prioritize updating their systems to safeguard against these vulnerabilities. Ignoring these updates could leave devices exposed to active exploitation.

Read Original

Apple has issued updates for macOS and iOS to address two zero-day vulnerabilities in WebKit that were found to be exploited in a highly sophisticated attack. These vulnerabilities could allow attackers to execute malicious code on affected devices, potentially compromising user data and privacy. The updates are crucial for users of Apple's platforms, as they help protect against active threats that exploit these flaws. Users are encouraged to install the latest updates to ensure their devices are secure. This incident also raises concerns about the interconnectedness of browser vulnerabilities, as these flaws are linked to a Chrome exploit, indicating that security issues can cross platform boundaries.

Read Original

The latest Security Affairs Malware Newsletter highlights several significant malware developments affecting multiple countries. Notably, the UDPGangster campaigns are targeting various regions, posing risks to users and organizations. Researchers also discuss ransomware trends related to the Bank Secrecy Act, shedding light on how financial institutions might be affected between 2022 and 2024. Additionally, the return of the ClayRat malware introduces expanded features and techniques that could complicate detection and mitigation efforts. Another concerning finding is the SEEDSNATCHER, an Android malware that targets crypto wallets, raising alarms for cryptocurrency users. These incidents highlight the evolving tactics employed by cybercriminals and the need for heightened security measures.

Read Original
Critical
New ‘DroidLock’ Android Malware Locks Users Out, Spies via Front Camera

Hackread – Cybersecurity News, Data Breaches, AI, and More

Actively Exploited

Researchers at Zimperium zLabs have discovered a new Android malware called DroidLock, which behaves like ransomware. This malicious software can lock users out of their devices and steal sensitive information by tricking them into providing their credentials through phishing tactics. Additionally, DroidLock has the capability to stream users' screens and activate their front cameras through VNC, raising serious privacy concerns. This malware primarily targets Android users, making it essential for them to remain vigilant about their device security and be cautious of suspicious links or applications. The emergence of DroidLock emphasizes the ongoing risks associated with mobile malware and the need for users to adopt strong security practices.

Read Original

Google has addressed a zero-day vulnerability in its Chrome browser that was actively exploited in the wild. This vulnerability, which does not have a CVE identifier, remains shrouded in mystery, as details about its origin and the specific components it affects are unclear. The lack of a CVE means users and security experts have limited information regarding the potential risks involved. However, the fact that it has been exploited means users should update their Chrome browsers promptly to safeguard against potential attacks. Keeping software up to date is crucial in mitigating risks associated with such vulnerabilities.

Read Original

The article discusses a new version of ClayRat Android spyware that has enhanced surveillance and device-control capabilities, indicating an increase in the potential for unauthorized access to personal data. This development poses a significant risk to Android users, as the spyware may be used for malicious purposes such as spying and data theft.

Read Original

GoldFactory, a financially motivated cybercriminal group, has launched new attacks targeting mobile users in Southeast Asia, specifically Indonesia, Thailand, and Vietnam. They are distributing modified banking applications that serve as conduits for Android malware, leading to over 11,000 infections since October 2024, posing significant risks to users' financial security.

Read Original
PreviousPage 7 of 8Next