The Caminho loader, of Brazilian origin, employs spearphishing tactics with business-themed social engineering to target victims in regions like Brazil, South Africa, Ukraine, and Poland.
Doxing campaign crashes Lumma infostealer activity
Activity of the Lumma information-stealing malware, also known as LummaC2, has sharply declined amid an underground doxing campaign that exposed the five alleged primary members of the operation, which is also tracked as Storm-2477 and Water Kurita, last month, according to SecurityWeek.
Xubuntu, the Ubuntu-based Linux distribution using the Xfce desktop environment, had its downloads page compromised to deliver cryptocurrency-stealing malware, The Register reports.
BleepingComputer reports that the novel self-propagating GlassWorm malware has been injected into a dozen OpenVSX and Microsoft VSCode extensions, which have been downloaded 35,800 times, as part of an ongoing supply chain intrusion.
BleepingComputer reports that fraudulent software download sites for the Homebrew, LogMeIn, and TradingView platforms have been leveraged to compromise macOS developers with the Atomic macOS Stealer, or AMOS, and Odyssey information-stealing payloads as part of a new ClickFix attack campaign.
Intrusions with the newly emergent CAPI Backdoor have been launched against automotive and e-commerce firms across Russia as part of a new phishing campaign, The Hacker News reports.