Malware

Malicious actors have exploited the ClickFix attack technique to facilitate the deployment of the HijackLoader and DeerStealer payloads as part of a new campaign, Infosecurity Magazine reports.

GrayAlpha uses custom loaders to deploy the NetSupport RAT backdoor.

Bad package takes aim at AI apps that contain MacOS data, CI/CD pipelines, and AWS tokens.

Threat actors have been taking over expired or deleted Discord invite links to deploy malicious payloads as part of a new attack campaign, according to The Hacker News.

New BrowserVenom malware spread via DeepSeek spoofing Numerous computers across Mexico, Brazil, Cuba, India, Nepal, Egypt, and South Africa have been compromised with the novel BrowserVenom malware in a phishing campaign involving the impersonation of Chinese artificial intelligence platform DeepSeek-R1, reports The Register.

More than 20,000 information-stealing malware-linked IP addresses and domains were disrupted, while 41 servers underpinning infostealer operations were sequestered between January and April as part of the Interpol-led global law enforcement effort Operation Secure, according to BleepingComputer.

Malware-as-a-service platform Danabot had operational information over the past three years exposed by a command-and-control infrastructure vulnerability, potentially aiding in its disruption as part of the ongoing international law enforcement effort Operation Endgame, according to Cyber Security News.

Newly identified information-stealing malware Myth Stealer has been spread through fake gaming websites, reports The Hacker News.