BleepingComputer reports that more than 12 million Android devices have collectively downloaded 18 malicious loan apps dubbed "SpyLoan," which could exfiltrate not only call logs, local Wi-Fi network information, and image metadata but also text messages, location information, and contact lists.
Organizations in the government, real estate, telecommunications, retail, and other sectors across the U.S., Africa, and the Middle East have been subjected to intrusions under the new CL-STA-0002 threat cluster.
BBC News reports that major online travel agency Booking.com had its customers in the U.S., UK, and other parts of the world impacted by fraud following a social engineering attack that involved the deployment of the Vidar information-stealing malware.
Threat actors have begun leveraging the critical Apache ActiveMQ vulnerability, tracked as CVE-2023-46604, to facilitate the distribution of the Golang-based GoTitan botnet and PrCtrl Rat, a .NET program, as well as the Sliver, Kinsing, and Ddostff malware strains, Hackread reports.