News

The Hacker News7d
PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Malware-laced PyPI and npm packages steal developer credentials, CI/CD data, and crypto wallets. Attacks target macOS, AI ...
GovInfoSecurity6d
Malicious PyPI Package Targets Developer Credentials
Multi-stage malware embedded in a Python package is stealing sensitive cloud infrastructure data, JFrog researchers said ...
Meta halts phone and browser tracking tools after researchers expose user snooping
In the researcher's words, “These native Android apps receive browsers' metadata, cookies and commands from the Meta Pixel and Yandex Metrica scripts embedded on thousands of websites. These ...
SecurityWeek3d
Godfather Android Trojan Creates Sandbox on Infected Devices
The Godfather Android trojan uses on-device virtualization to hijack legitimate applications and steal users’ funds.
Android4d
How to Protect Your Business Against Android Malware
Using an interactive malware sandbox, such as ANY.RUN, which supports threat detection across Windows, Linux, and Android systems, gives your team a head start by analyzing suspicious apps in a ...
TechRadar4d
Mobile banking users beware - "Godfather" malware is now hijacking official bank apps
Zimperium spots new version of Godfather among Turkish Android users New version creates virtualized versions of legitimate banking apps in a sandbox It can exfiltrate login credentials, PIN codes ...
SecurityWeek3d
Cloudflare Tunnels Abused in New Malware Campaign
A threat actor is abusing Cloudflare Tunnels for the delivery of a Python loader as part of a complex infection chain.
Forbes10d
Fileless Malware’s Free Ride: Why Hardware Is The Game-Changer
In 2024 alone, fileless malware like HeadCrab doubled its grip on cloud servers, silently mining cryptocurrency from over 2,300 victims. Meanwhile, a 1,400% surge in these invisible attacks blind ...