More than 60 different threat operations, including SocGholish and ClearFake actors, have become affiliates of the massive VexTrio malware brokerage program, making the group the most substantial broker of malicious traffic, The Hacker News reports.
Cryptowallet-targeting macOS backdoor spread via cracked software
BleepingComputer reports that threat actors have leveraged cracked macOS software to facilitate the distribution of information-stealing malware targeting cryptocurrency wallets on devices running on at least macOS Ventura.
Attacks exploiting a critical out-of-bounds write zero-day vulnerability in VMware vCenter Server, tracked as CVE-2023-34048, have been deployed by Chinese cyberespionage operation UNC3886 since 2021, two years before the flaw was identified and addressed, reports The Hacker News.
Russia-backed threat group targeting critical infrastructure and leading NGOs and NATO governments, including attacks on U.S. nuclear research facilities.
More than $80 million worth of digital assets from over 100 cryptocurrency brands were exfiltrated by the Inferno Drainer cryptocurrency scam last year, making it that year's most prolific cryptocurrency drainer despite ceasing operations in November, according to SiliconAngle.