Malware

Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet, and More on this episode of the Security Weekly News.

Malicious actors have utilized a trojanized version of the crossplatform SSH client and servermanagement tool Termius to deliver an updated iteration of the ZuRu macOS malware, according to The Hacker News.

More than 2.3 million Google Chrome and Microsoft Edge users had their browsers hijacked as part of the RedDirection attack campaign involving 18 nefarious extensions, according to The Register.

Unique malware detections during the first three months of 2025 were 171% higher than the last three months of 2024, signifying the largest jump in novel payloads yet, according to Channel Futures.

More than 50,000 North American banking app users have been compromised with the Anatsa Android banking trojan through the malicious "Document Viewer - File Reader" app on the Google Play Store, reports BleepingComputer.

Infostealers deployed via leaked Shellter red team tool exploitation BleepingComputer reports that attacks leveraging a leaked copy of Shellter Project's commercial AV/EDR evasion loader tool Shellter Elite have been launched by several threat actors to facilitate the distribution of the Arechclient2, Lumma, and Rhadamanthys information-stealing payloads since April.

Threat actors have been exploiting search engine optimization poisoning techniques to promote bogus utility websites that facilitate Oyster malware loader distribution as part of a new malvertising campaign, according to The Hacker News.

More threat actors have been leveraging digitally signed drivers and other services to compromise Windows systems with kernel-level malware while circumventing Microsoft's safeguards, including Hypervisor-Protected Code Integrity, PatchGuard, and Driver Signature Enforcement, reports GBHackers News.