Malicious GitHub repositories purporting to be open-source intelligence tools and developer utilities have been used to spread the nascent PyStoreRAT malware, SiliconANGLE reports.
Newly emergent NANOREMOTE malware sets sights on Windows systems Windows systems are aimed to be compromised by the new NANOREMOTE backdoor, which overlaps with the FINALDRAFT implant linked to suspected Chinese threat operation REF7707, also known as Earth Alux, JewelBug, and CL-STA-0049, reports The Hacker News.
HackRead reports that fake PNG files have been harnessed to obscure trojans across 19 malicious VSCode extensions as part of an advanced attack campaign that has been underway since February.
Attacks with the newly discovered AshTag malware suite have been launched by Hamas-affiliated advanced persistent threat operation WIRTE, also known as Ashen Lepus, against over a dozen Middle Eastern government and diplomatic organizations since 2020, The Hacker News reports.
Malicious Google Search ads redirecting to ChatGPT and Grok guides have been harnessed to distribute the Atomic macOS Stealer, or AMOS, malware as part of a ClickFix attack campaign, BleepingComputer reports.
Attacks exploiting the maximum severity React2Shell vulnerability in React Server Components, tracked as CVE-2025-55182, have enabled the deployment of several newly emergent malware payloads and cryptocurrency miners, according to The Hacker News.
Cybersecurity researchers at Bitdefender uncovered the threat within a torrent file, which employed a Living Off the Land (LOTL) technique to evade detection.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
