Attackers abused Obsidian’s plugin sync and cloud vaults to deliver PHANTOMPULSE malware, targeting financial and crypto professionals. The campaign leveraged social engineering and technical stealth to bypass traditional security measures.
A brief but devastating compromise of CPUID’s website allowed attackers to distribute trojanized versions of CPU-Z and HWMonitor, infecting hundreds worldwide with the powerful STX RAT malware.
For six hours, the trusted CPUID website served malware-laced versions of CPU-Z and HWMonitor, exposing users to a sophisticated remote access trojan. Here’s how the attack unfolded—and what it means for software trust.
North Korea-linked hackers are now registering real US companies to lure blockchain developers into downloading malware. The graphalgo campaign shows how cybercriminals are blending legal paperwork with technical trickery, making vigilance essential for all developers.
GlassWorm’s latest campaign weaponizes a trusted OpenVSX extension to deliver a persistent RAT, targeting developers using VS Code, Cursor, Windsurf, and more. Here’s how the attack unfolds—and what you need to know to stay safe.
A new ClickFix malware campaign exploits fake CAPTCHAs and Node.js RATs delivered over Tor to steal cryptocurrency, using a professional Malware-as-a-Service model targeting Windows users.
A new wave of cybercrime uses fake software installers to infect computers with RATs and Monero miners, stealing resources and cashing in through stealthy tactics. REF1695’s campaign reveals the modern face of persistent, low-profile malware.
The Axios breach shows how social engineering attacks have scaled up, targeting open source maintainers and exposing millions to risk. This feature investigates the industrialization of these attacks and the urgent need for new defenses.
A new cyber threat, ResokerRAT, turns Telegram’s trusted messaging platform into a covert command center for hijacking Windows PCs. Learn how this malware evades detection and what it means for the future of digital security.
Attackers hijacked Axios’s npm account to publish malware-laden packages using a phantom dependency, exposing thousands of systems to a sophisticated remote access trojan. Discover how the breach happened, the technical details, and essential mitigation steps.