Topic: infostealer malware
-
Skuld Infostealer Exploits WSUS Flaw (CVE-2025-59287)
A critical remote code execution vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) is being actively exploited, allowing attackers to install information-stealing malware on unpatched systems. The flaw stems from unsafe deserialization of untrusted data, enabling unauthentic...
Read More » -
Webinar: How Stolen Credentials Threaten Your Network Security
Cybercriminals increasingly use stolen credentials to bypass complex hacking methods, making identity security a top priority, as highlighted in an upcoming July 9th webinar by cybersecurity experts. The webinar will explore credential-based attacks, including infostealer malware and tactics like...
Read More » -
Malicious 'TradingView Premium' Ads Spread from Meta to Google
A malvertising campaign has expanded from Facebook to Google Ads, using fake offers of free TradingView Premium to distribute advanced information-stealing malware. The scam involves hijacking legitimate Google Ads accounts and verified YouTube channels, which are rebranded to impersonate Trading...
Read More » -
Sextortion Spyware: Webcam Pics Snapped During Porn Viewing
A new spyware called Stealerium automates the capture of compromising images by monitoring online activity for adult content keywords and activating the webcam for blackmail. Unlike typical infostealers, Stealerium specifically targets intimate moments to gather deeply personal material, increasi...
Read More » -
6 Browser Threats Your Security Team Must Prepare for in 2025
The browser is now a primary attack surface for cyber threats, targeting cloud applications and corporate data through sophisticated campaigns. Key browser-based threats include phishing for credentials and sessions, malicious code delivery, and malicious OAuth integrations, which bypass traditio...
Read More » -
Massive YouTube Malware Ring Uncovered by Researchers
Security researchers uncovered the "YouTube Ghost Network," a deceptive malware operation using fake or hijacked channels to distribute harmful software and phishing links through enticing offers like free game cheats or cracked applications. The network employed a sophisticated structure with di...
Read More » -
Microsoft Fights 100 Trillion AI Attacks Daily
Microsoft processes over 100 trillion security signals daily, indicating a massive surge in AI-powered cyberattacks that threaten economic stability and personal safety. AI is dual-use, enabling both advanced cyberattacks like autonomous malware and faster defenses, with identity-based attacks an...
Read More » -
FileFix Attack Evades Security with Cache Smuggling
A new FileFix social engineering attack uses cache smuggling to deliver malware undetected by disguising itself as a Fortinet VPN Compliance Checker and tricking users into executing hidden PowerShell commands. The attack involves copying a text string that secretly contains a script to search br...
Read More » -
iiNet Data Breach Exposes Over 280,000 Australian Customers
A data breach at iiNet, an Australian ISP, exposed the personal information of over 280,000 customers after an unauthorized third party used stolen employee credentials to access its order management system. The compromised data included email addresses, phone numbers, usernames, and some passwor...
Read More »
