Unique malware detections during the first three months of 2025 were 171% higher than the last three months of 2024, signifying the largest jump in novel payloads yet, according to Channel Futures.
More than 50,000 North American banking app users have been compromised with the Anatsa Android banking trojan through the malicious "Document Viewer - File Reader" app on the Google Play Store, reports BleepingComputer.
Infostealers deployed via leaked Shellter red team tool exploitation
BleepingComputer reports that attacks leveraging a leaked copy of Shellter Project's commercial AV/EDR evasion loader tool Shellter Elite have been launched by several threat actors to facilitate the distribution of the Arechclient2, Lumma, and Rhadamanthys information-stealing payloads since April.
Threat actors have been exploiting search engine optimization poisoning techniques to promote bogus utility websites that facilitate Oyster malware loader distribution as part of a new malvertising campaign, according to The Hacker News.
More threat actors have been leveraging digitally signed drivers and other services to compromise Windows systems with kernel-level malware while circumventing Microsoft's safeguards, including Hypervisor-Protected Code Integrity, PatchGuard, and Driver Signature Enforcement, reports GBHackers News.
Qwizzserial malware has been spread by attackers masquerading as government agencies through Telegram channels purporting to be for financial aid, a Group-IB analysis revealed.
Intrusions commence with communications in Telegram, followed by the delivery of email and Calendly invites containing a bogus Zoom SDK update, which contains the NimDoor malware, a report from SentinelOne's SentinelLabs researchers showed.