Malware

The campaign targeted approximately 1 million users across various sectors, including government, healthcare, education, and finance.

Discovered by Varonis Threat Labs, Storm infostealer operates as a malicious subscription service, targeting multiple browsers like Chrome, Edge, Firefox, and Waterfox.

Researchers at Zscaler's ThreatLabz discovered a GitHub repository disguised as a leaked TypeScript source code for Anthropic's Claude Code CLI.

Analysis of China-nexus groups also discovers double-pronged strategy, one on immediacy, the other around long dwell times.

The Yurei campaign employs a modular toolkit assembled from readily available resources, lowering the barrier to entry for cybercriminals.

Experts say Apple’s move shows it understood that older iOS and iPadOS devices were vulnerable and being exploited by DarkSword.

The NoVoice operation, identified by McAfee, concealed malicious components within the com.facebook.utils package, blending them with legitimate Facebook SDK classes.

CrystalRAT, which first appeared in January, operates on a tiered subscription model and shares significant similarities with the WebRAT (Salat Stealer) malware, according to Kaspersky researchers.