Intrusions weaponizing the open-source monitoring tool Nezha have been conducted by suspected Chinese threat actors to facilitate Gh0st RAT injections, The Hacker News reports.
More Russian state-backed threat actors were noted by Ukraine's Computer Emergency Response Team to be deploying artificial intelligence-powered cyberattacks to infiltrate the country's increasingly robust cybersecurity defenses, according to The Record, a news site by cybersecurity firm Recorded Future.
Newly emergent Shuyal Stealer malware could pilfer login credentials from 19 different web browsers, including Google Chrome, Microsoft Edge, Opera and Opera GX, Epic, Waterfox, Vivaldi, and Yandex, GBHackers News reports.
Three House Democrats have called on the Department of Homeland Security to explain Immigration and Customs Enforcement's $2 million contract with Israeli spyware firm Paragon Solutions, warning that its use could "threaten Americans' freedom of movement and freedom of speech," according to CyberScoop.
Additional malicious actions have been integrated into the new XWorm 6.0 RAT following the proliferation of a cracked iteration of XWorm 5.6 stemming from the malware operators' abrupt removal of their Telegram account in the second half of 2024, The Hacker News reports.
More advanced versions of the WARMCOOKIE backdoor have been discovered as the malware's infrastructure remained afloat after being disrupted by the Europol-coordinated global law enforcement effort Operation Endgame in May, according to GBHackers News.
Cyber Security News reports that organizations in Brazil are having their Windows systems targeted with the self-propagating SORVEPOTEL malware through WhatsApp as part of a new phishing campaign.