BTMOB Android malware service generates custom phishing payloads
…Customers can select from a set of permissions the APK requests upon installation, and define what actions the app should take (e.g., disable Google Play, hide its icon to make it…
Search
New TCLBanker malware self-spreads over WhatsApp and Outlook
…It also runs a persistent watchdog thread that continuously hunts for analysis tools like x64dbg, IDA, dnSpy, Frida, ProcessHacker, Ghidra, de4dot, and others. The malware is loaded within the context of the…
Windows 11 KB5089549 & KB5087420 cumulative updates released
…You can install today's update by going to Start > Settings > Windows Update and clicking on 'Check for Updates .' You can also manually download and install the update from the Microsoft Update…
Laravel Lang packages hijacked to deploy credential-stealing malware
…When developers installed the package via Composer, it would download the malicious code while it appeared to install legitimate Laravel Lang releases. Executes a credential-stealer The researchers found that the malicious…
GitHub links repo breach to TanStack npm supply-chain attack
…GitHub revealed the breach on Tuesday, saying it was investigating claims of unauthorized access to its internal repositories and telling BleepingComputer that the incident resulted from an employee installing a malicious Visual…
Microsoft testing adjustable taskbar, Start menu in Windows 11
…Microsoft rolls out revamped Windows Insider Program Microsoft confirms Windows 11 security update install issues Microsoft fixes Windows Autopatch bug installing restricted drivers Microsoft fixes BitLocker recovery issue only for Windows 11…
Chinese hackers target telcos with new Linux, Windows malware
…Infrastructure analysis suggests that the hackers follow a partially decentralized operational model, in which multiple clusters share similar certificate-generation patterns and tooling but target distinct victim sets. Lumen concludes that the…
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
…In FakeUpdates attacks, threat actors entice victims with fraudulent software update prompts, usually impersonating browser updates, to trick them into downloading and installing malicious payloads. According to Silent Push researchers, the DriveSurge…
CISA orders feds to patch actively exploited Drupal vulnerability
…Drupal is typically used by large organizations managing massive data structures and multi-site installations, including government entities, educational organizations, major research universities, and high-profile enterprise and media organizations. Google/Mandiant…
Exploit available for new DirtyDecrypt Linux root escalation flaw
…Linux users on distros potentially affected by DirtyDecrypt are advised to install the latest kernel updates as soon as possible. However, those who can't immediately patch their devices should use the…