Topic: malware detection
-
Google Play Store to warn about battery-draining Android apps
Google Play Store will flag Android apps that drain batteries through excessive background activity, potentially reducing their visibility in search and recommendations. Developers must update their apps by March 1, 2026, to comply with new metrics targeting "excessive partial wake locks," which ...
-
Police Takedown: Rhadamanthys, VenomRAT, and Elysium Malware Operations Disrupted
An international law enforcement effort led by Europol and Eurojust dismantled over 1,000 servers used by major malware families like Rhadamanthys, VenomRAT, and the Elysium botnet, with support from nine countries and private cybersecurity firms. The operation resulted in the arrest of a key sus...
-
Google AI Detects Malware That Morphs During Attacks
Google has identified a new generation of AI-powered malware that rewrites its own code during attacks, making it more resilient and harder to detect by dynamically altering behavior and evading security systems. Several malware families, such as FRUITSHELL, PROMPTFLUX, and PROMPTLOCK, are active...
-
Identify Ransomware: .BAGAJAI Ext (MedusaLocker3/Far Attack)
The .BAGAJAI ransomware encrypts files and targets backups, demanding a ransom via specific TOR pages or email addresses, posing a severe threat to small businesses and individuals. Security analysis uncovered malicious components like chisel.exe and BAGAJAI.exe, along with Mimikatz tools, indica...
-
Identify & Remove .BAGAJAI Ransomware (MedusaLocker3)
The .BAGAJAI ransomware, a variant of MedusaLocker3, encrypts files and demands cryptocurrency payment for decryption, often leaving victims with compromised backups and no free recovery tools available. Attackers use sophisticated methods like credential dumping tools such as Mimikatz to escalat...
-
Qilin Ransomware Exploits WSL to Deploy Linux Encryptors
The Qilin ransomware group uses the Windows Subsystem for Linux (WSL) to deploy Linux encryptors on Windows machines, evading detection by security tools designed for Windows threats. They have targeted over 700 organizations across 62 countries, employing remote access tools and BYOVD attacks to...
-
Trump admin anti-DEI rules block Python security upgrade
The Python Software Foundation withdrew a major NSF grant application because new federal rules would have prohibited any DEI programming, which conflicted with its core mission and principles. This mirrors a similar case with The Carpentries, where a grant was pulled due to DEI-related content, ...
-
October 2025 Threat Report: Barracuda SOC Insights
Akira ransomware is exploiting unpatched SonicWall VPN vulnerabilities (CVE-2024-40766), bypassing multi-factor authentication through stolen credentials and encrypting data rapidly. Attackers are increasingly using Python scripts to automate and disguise malicious activities, such as deploying p...
-
Defeat Malware Evasion with New Framework
Malware creators use subtle code modifications to evade AI detection systems while preserving harmful functionality, but a new framework called ERDALT offers a countermeasure by focusing on robust features. ERDALT, developed by Inria and CISPA, trains on adversarial examples and prioritizes stabl...