In November 2024, Microsoft discovered a new remote access trojan (RAT) named StilachiRAT, which employs advanced techniques to avoid detection and steal sensitive data. This malware can extract credentials from web browsers, monitor remote desktop sessions, and collect information about the target system. Currently, there’s no known specific threat actor tied to StilachiRAT, and its ...
Malware targeting macOS is becoming more common, particularly from North Korean hackers who are using sophisticated methods to steal sensitive data. Recent investigations uncovered two types of malware: RustDoor and a new variant of Koi Stealer, both disguised as legitimate software updates. These attackers often pose as job recruiters to lure software developers into downloading ...
A recent cybersecurity report highlights a new campaign by the North Korea-linked Lazarus Group, using fake LinkedIn job offers related to cryptocurrency and travel to spread malware. Victims are initially attracted by promises of flexible, well-paying remote jobs. Once engaged, they share personal information, leading to a malicious GitHub link that contains an information-stealing script. ...
A Brazilian citizen, Junior Barros De Oliveira, has been charged in the U.S. for threatening to disclose data stolen from a company during a security breach in March 2020. In the incident, he accessed the systems of a Brazilian subsidiary of a New Jersey company, stealing sensitive information related to over 300,000 customers. By September ...
Cybersecurity researchers have revealed a year-long software supply chain attack on the npm package registry, initiated by the seemingly harmless library @0xengine/xmlrpc. This package, which originally functioned as a JavaScript XML-RPC server for Node.js, was compromised shortly after its launch to include malicious code capable of stealing sensitive information and mining cryptocurrency. The malicious features ...
