Malware Alerts

Advanced Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers

Posted: June 25, 2025

Categories: Malware Alerts, Data Breach, Website hacks

Tags: #wordpresssecurity, #woocommerce, #rogueplugins, #malwarecampaign, #ecommercesecurity, #cyberthreats, #creditcardskimmers, #credentialtheft

Author: Npav Lab

A sophisticated malware campaign is targeting WordPress and WooCommerce sites with obfuscated credit card skimmers and credential theft tools. Learn about the advanced techniques and implications of this growing e-commerce cyber threat.

NCSC Alerts on UMBRELLA STAND Malware Targeting Fortinet FortiGate Firewalls

Posted: June 23, 2025

Categories: Malware Alerts, Cyber Attack, firewall

Tags: umbrella stand malware, tls communications, network security threats, ncsc warning, malware persistence, fortinet fortigate firewalls, cybersecurity, cyber attacks, command and control servers

Author: Npav Lab

The NCSC has issued a warning about the UMBRELLA STAND malware targeting Fortinet FortiGate firewalls. Learn about its sophisticated techniques, persistence mechanisms, and the risks it poses to network infrastructure.

GodFather Malware Innovates with On-Device Virtualization to Hijack Banking Apps

Posted: June 20, 2025

Categories: Bank Phishing, Malware Alerts, Banking Trojan, Financial fraud, Fraud Protector

Tags: utilizing on-device virtualization to hijack legitimate banking and cryptocurrency apps. discover how this advanced threat operates and its implications for mobile security., the godfather banking malware has evolved

Author: Npav Lab

The GodFather banking malware has evolved, utilizing on-device virtualization to hijack legitimate banking and cryptocurrency apps. Discover how this advanced threat operates and its implications for mobile security.

New SuperCard Malware Exploits Hacked Android Phones to Steal Payment Card Data

Posted: June 19, 2025

Categories: Malware Alerts, Android Security, Hacking, Credit card scam, Financial fraud

Tags: supercard malware, social engineering attacks, payment card data theft, nfc malware, mobile payment fraud, malware-as-a-service, cybersecurity threats, contactless payment security, android payment security

Author: Npav Lab

A new malware strain called SuperCard exploits hacked Android phones to steal payment card data during contactless transactions. Learn about its infection mechanism and the growing threat to mobile payment security.

Malicious Loan App "RapiPlata" Infects Over 150,000 Devices on iOS and Android

Posted: June 17, 2025

Categories: Malware Alerts, Android Security, Financial fraud, Fraud Protector

Tags: user privacy, spyloan malware, social engineering, rapiplata loan app, malicious app, ios android malware, financial fraud, data theft, cybersecurity threat, app store vulnerabilities

Author: Npav Lab

A fraudulent loan app, "RapiPlata," has infected over 150,000 iOS and Android devices, stealing sensitive data and threatening users. Learn about the app's malicious tactics and ongoing risks.

295 Malicious IPs Target Apache Tomcat Manager with Coordinated Brute-Force Attacks

Posted: June 12, 2025

Categories: Security, Malware Alerts, Cyber Attack, Data Breach

Tags: security vulnerabilities, security cameras, rtsp, malicious ips, http, greynoise, exposed services, digitalocean, cybersecurity, brute-force attacks, authentication measures, apache tomcat manager, access restrictions

Author: Npav Lab

GreyNoise warns of coordinated brute-force attacks on Apache Tomcat Manager interfaces, involving 295 malicious IPs. Learn about the risks and recommended security measures.

Fake Instagram Growth Tool "imad213" Steals Credentials: Malware Alert!

Posted: June 11, 2025

Categories: Malware Alerts, Cyber Attack, Data Breach, Instagram

Tags: socialmedia, security, phishing, malware, instagram, infosec, imad213, hacking, growthtool, cybersecurity, credentialtheft

Author: Npav Lab

A new malware campaign disguised as an Instagram growth tool is stealing login credentials. Learn how "imad213" works and how to protect your account.

FIN6 Leverages Fake LinkedIn Resumes & AWS to Spread More_eggs Malware

Posted: June 11, 2025

Categories: Ransomware, Malware Alerts, Cyber Attack, vulnerability, LinkedIn

Tags: recruiters, phishing campaign, malware via linkedin, malware, linkedin resumes, fin6, aws

Author: Npav Lab

FIN6 cybercrime group uses fake resumes hosted on AWS to deliver More_eggs malware via LinkedIn. Learn how they target recruiters and evade detection.

China-Linked Cyber Espionage Group Targets 70+ Organizations

Posted: June 10, 2025

Categories: Ransomware, Security, Malware Alerts, Cyber Attack, Data Backup, Data Breach, Spyware

Tags: unc5174, purplehaze, cyber espionage group, china cyber espionage, apt15

Author: Npav Lab

Discover how a China-linked cyber espionage group, including APT15 and UNC5174, targeted over 70 organizations across government, media, and other sectors. Learn about the malware used, including ShadowPad and GoReShell, and the exploited vulnerabilities.

New Supply Chain Malware Campaign Targets npm and PyPI Ecosystems, Affecting Millions

Posted: June 08, 2025

Categories: Ransomware, Security, Malware Alerts, Spyware

Tags: supply chain malware, software supply chain attacks, remote access trojan, pypi vulnerabilities, package security, npm security, malware distribution, data protection, cybersecurity threats, credential harvesting

Author: Npav Lab

Cybersecurity experts reveal a significant supply chain attack affecting npm and PyPI ecosystems, compromising numerous packages and exposing millions of users to malware. Learn about the affected packages and how to protect yourself.