Threat actors have sought to compromise Linux systems with the CoinMiner cryptocurrency mining malware through three novel malicious Python Package Index repository packages, which were cumulatively downloaded 431 times before being removed from the PyPI repository, reports The Hacker News.
Ukraine has been targeted by the UAC-0050 threat operation with more advanced phishing attacks spreading the Remcos RAT surveillance tool; the attacks used a pipe technique for interprocess communication in a bid to better bypass security system detection, according to The Hacker News.
BleepingComputer reports that numerous information-stealing malware strains are reviving expired authentication cookies for account access by leveraging the newly discovered MultiLogin Google OAuth endpoint.
Phishing attacks using the novel JinxLoader malware loader have been launched to facilitate the deployment of the Formbook and XLoader payloads, reports The Hacker News.
Organizations have been targeted by North Korean state-sponsored hacking operation Kimsuky with new spear-phishing attacks that deployed different backdoors, including AppleSeed, TinyNuke, and Meterpreter, The Hacker News reports.
Less than a year after its ms-appinstaller protocol for MSIX re-emerged following earlier security issues, Microsoft has again taken action to limit malware distribution through the protocol.
BleepingComputer reports that the well-received indie strategy game "Slay the Spire" had its fan-made expansion dubbed "Downfall" compromised on Christmas to distribute the Epsilon information-stealing malware.