Fake YouTube apps leveraged for CapraRAT malware distribution

Malicious Android apps impersonating YouTube have been used by Pakistan-linked hacking operation APT36, also known as Transparent Tribe, to facilitate the deployment of its CapraRAT backdoor in its cyberespionage operations against India and Pakistan, BleepingComputer reports.
NCC Group researchers discovered that the Hook Android banking trojan was developed using the source code of the ERMAC backdoor, reports The Hacker News.
Operators of the Vidar and RedLine information-stealing malware strains have begun delivering ransomware payloads through tactics initially leveraged for infostealer distribution, suggesting a streamlining of attackers' operations, reports The Hacker News.
Azure Storage instances have been targeted by the ALPHV/BlackCat ransomware gang in new attacks with an updated Sphynx encryptor with custom credential support, BleepingComputer reports.
Linux users have been targeted by a supply chain attack that exploited a download manager website to facilitate Bash stealer deployment from 2020 to 2022, The Hacker News reports.
Suspected Mexico-based threat actors have been deploying the BatLoader malware through an ongoing malvertising campaign leveraging a fake Cisco Webex ad appearing on top of Google search results, according to BleepingComputer.
BleepingComputer reports that macOS computers on the Intel x86_64 architecture have been subjected to attacks involving the new MetaStealer information-stealing malware.