Malware Alerts

Cybersecurity agencies including CISA and FBI have issued a warning about the growing use of a stealthy cyberattack technique called Fast Flux, used by hackers to hide malware servers, enable phishing websites, and build resilient command-and-control (C2) systems.

Cybersecurity researchers have discovered a dangerous new Android spyware app that uses password protection and Android overlay tricks to stay hidden and prevent uninstallation. Installed by someone with physical access, this app secretly spies on the victim while making it very hard to remove.

Cybersecurity researchers have discovered a new Android malware, Salvador Stealer, which is designed to steal banking credentials and one-time passwords (OTPs). This malware pretends to be a legitimate banking app, tricking users into entering sensitive financial details.

Cybersecurity researchers have discovered a dangerous phishing campaign where Pakistani APT hackers are using a fake India Post website to spread malware to Windows and Android users. The fraudulent site, hosted at postindia[.]site, tricks victims into downloading malicious files, putting their data and devices at risk.

Hackers have launched a new attack using fake hotel and travel booking websites to spread LummaStealer malware. Disguised as legitimate booking confirmation pages, these fraudulent sites trick users into running harmful commands that compromise their personal and financial information.

Cybercriminals are using fake file conversion tools to infect users' devices with malware. The FBI has issued an urgent warning about free Word to PDF converters that secretly install malicious software, leading to identity theft, ransomware attacks, and data breaches.

A new cyber threat is targeting developers and online users through AI-generated fake GitHub repositories. Attackers are using deceptive documentation and hidden malware to steal sensitive data, including login credentials, cryptocurrency wallets, and two-factor authentication (2FA) codes.

Microsoft has uncovered a large-scale malware attack, named Storm-0408, that infected nearly one million devices worldwide. The attackers used malvertising on illegal streaming sites to spread malware hosted on GitHub, Discord, and Dropbox. The malware stole personal data, browser credentials, and even disabled security protections.

A dangerous new version of the Android Remote Access Tool (RAT), called AndroRAT, is being used by hackers to steal unlock patterns, PINs, and passcodes from Android devices. Originally an open-source university project in 2012, AndroRAT has now evolved into a powerful malware that bypasses security defenses up to Android 15. This latest variant spreads through fake apps and phishing links, using advanced techniques to hijack device controls, steal biometric data, and break into locked smartphones.

Cybercriminals are using stolen browser fingerprints to bypass security checks and impersonate users. The ScreamedJungle attack targets outdated Magento e-commerce platforms to inject malicious scripts that steal unique digital identifiers. This allows hackers to evade security systems, including multi-factor authentication (MFA) and device reputation checks.