Malware

ClickFix campaigns use fake ChatGPT tools and Terminal tricks to infect macOS with MacSync infostealer.

The FBI's investigation centers on games including BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova.

Once inside a system, threat actors deploy Slopoly as a PowerShell script, functioning as a client for a command-and-control (C2) framework.

The PixRevolution malware operates by displaying a fake "Aguarde..." (please wait) loading screen when a user initiates a PIX transfer.

SocksEscort utilized malware, identified as AVrecon, to infect home and small business routers, including devices from brands like Cisco, D-Link, and Netgear.

VENON, first identified last month by Brazilian cybersecurity company ZenoX, infects Windows systems and employs a sophisticated infection chain involving DLL side-loading.

BleepingComputer reports that 88 malicious npm packages impersonating Babel, GraphQL Codegen, and other established projects have facilitated data theft from JavaScript developers as part of three new waves of the PhantomRaven attack campaign from November 2025 to February 2026.