Malware Alerts

Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware

Posted: September 08, 2025

Categories: Malware Alerts, Twitter, AI

Tags: fp-3b, fp-3a, fp-1b, fp-1a

Author: Npav Lab

Cybercriminals use X’s AI assistant Grok to bypass ad restrictions and distribute malware through hidden links, reaching millions. Learn about the “Grokking” technique and its impact.

Hackers Exploit macOS Security Features to Distribute Malware: What You Need to Know

Posted: September 02, 2025

Categories: Malware Alerts, Hacker

Tags: fp-4c, fp-3b, fp-3a, fp-1b

Author: Npav Lab

Hackers are exploiting macOS security features like Keychain, TCC, SIP, and Gatekeeper to spread malware. Learn how to detect and prevent these advanced macOS attacks.

Sindoor Dropper Malware Targets Linux Systems Using Weaponized .desktop Files

Posted: September 01, 2025

Categories: Malware Alerts

Tags: fp-6e, fp-4b, fp-3b, fp-3a

Author: Npav Lab

Discover how Sindoor Dropper malware uses weaponized .desktop files to infect Linux systems via spear-phishing and deploys MeshAgent RAT.

TamperedChef Malware Disguised as AppSuite PDF Editor Steals Sensitive Data

Posted: August 28, 2025

Categories: Malware Alerts, Data Breach, AI

Tags: fp-3b, fp-3a, fp-1a

Author: Npav Lab

Discover how the TamperedChef malware uses a fake PDF editor to steal login credentials and sensitive data in a widespread 2025 cyberattack.

Malicious Go Module Poses as SSH Brute-Force Tool: Credential Theft via Telegram Bot

Posted: August 27, 2025

Categories: Malware Alerts, Telegram

Tags: fp-3b, fp-2a, fp-1b

Author: Npav Lab

Discover how a malicious Go module masquerading as an SSH brute-force tool exfiltrates credentials to a Telegram bot. Learn about its key features and the threat it poses.

New Hook Android Banking Malware: Advanced Features and Threat Insights

Posted: August 27, 2025

Categories: Malware Alerts, Android Security

Tags: fp-3b, fp-3a, fp-2c

Author: Npav Lab

Zimperium’s zLabs has uncovered a new variant of the Hook Android banking trojan, featuring ransomware-style overlays and advanced credential theft tactics. Learn about its key features and technical insights.

AI Website Generators Exploited for Malware Campaigns: A Growing Threat

Posted: August 27, 2025

Categories: Malware Alerts, AI

Tags: fp-3b, fp-3a, fp-2a, fp-1b

Author: Npav Lab

Adversaries are misusing AI-powered website builders like Lovable to create malicious infrastructure for malware distribution and credential phishing. Discover the emerging threats and how organizations can protect themselves.

PhantomCard Malware: New NFC-Based Threat Targeting Android Banking Users

Posted: August 21, 2025

Categories: Bank Phishing, Malware Alerts, Android Security

Tags: fp-2e, fp-2d, fp-2c, fp-2b, fp-1b, fp-1a

Author: Npav Lab

Discover PhantomCard, a sophisticated NFC-based Trojan targeting banking customers in Brazil. Learn how this malware exploits NFC relay attacks to steal sensitive card data and facilitate unauthorized transactions.

RingReaper Malware Targets Linux Servers, Evading EDR Solutions

Posted: August 20, 2025

Categories: Malware Alerts

Tags: fp-6e, fp-6c, fp-6b, fp-6a

Author: Npav Lab

Discover how RingReaper, a sophisticated malware strain, targets Linux environments and evades traditional endpoint detection and response systems using advanced techniques. Learn about its impact on security.

New GodRAT Malware Targets Financial Institutions via Screensaver and Program Files

Posted: August 20, 2025

Categories: Malware Alerts, Financial fraud

Tags: fp-3c, fp-3b, fp-3a, fp-1b

Author: Npav Lab

Discover how the new GodRAT malware, derived from the Gh0st RAT codebase, infiltrates financial institutions using malicious screensaver and program files. Learn about its evolution and impact on security.