Bleeping Computer

Researchers sinkhole PlugX malware server with 2.5 million unique IPs

Researchers have sinkholed a command and control server for a variant of the PlugX malware and observed in six months more than 2.5 million connections from unique IP addresses. Since last September, ...
CSO Online

Iranian APT Prince of Persia returns with new malware and C2 infrastructure

Once considered dormant, the threat group has been quite active in evolving its techniques and tools, with updated malware for reconnaissance and data exfiltration.

SantaStealer is a cheap malware that steals credentials, crypto & more

SantaStealer is built around fourteen separate data collection modules, each operating in its own execution thread, which extract browser credentials, cookies, browsing history, stored payment details ...
Bleeping Computer

Interpol operation Synergia takes down 1,300 servers used for cybercrime

An international law enforcement operation code-named 'Synergia' has taken down over 1,300 command and control servers used in ransomware, phishing, and malware campaigns. Command and control servers ...
CSO Online

MacSync Stealer malware bypasses macOS Gatekeeper security warnings

MacSync Stealer, by contrast, is downloaded from an ordinary-looking utility URL as a code-signed and notarized Swift ...
Ars Technica

Never-before-seen Linux malware gets installed using 1-day exploits

Researchers have unearthed Linux malware that circulated in the wild for at least two years before being identified as a credential stealer that’s installed by the exploitation of recently patched ...
Hackaday

Prompt Injection Tricks AI Into Downloading And Executing Malware

[wunderwuzzi] demonstrates a proof of concept in which a service that enables an AI to control a virtual computer (in this case, Anthropic’s Claude Computer Use) is made to download and execute a ...