NPM Package with 56K Downloads Caught Stealing WhatsApp Messages
https://www.koi.ai/blog/npm-package-with-56k-downloads-malware-stealing-whatsapp-messages
#HackerNews #NPM #Malware #WhatsApp #Security #Downloads #56K
heise online
boosted
Spionagesoftware enttarnt: Wie Belarus Journalisten mit "ResidentBat" überwacht
Forscher haben eine Android-Spyware identifiziert, die seit Jahren direkt gegen Medienakteure in Weißrussland eingesetzt wird. Sie baut auf dreiste Täuschung.
Spionagesoftware enttarnt: Wie Belarus Journalisten mit "ResidentBat" überwacht
Forscher haben eine Android-Spyware identifiziert, die seit Jahren direkt gegen Medienakteure in Weißrussland eingesetzt wird. Sie baut auf dreiste Täuschung.
Alex Akselrod
boosted
🦀 Looking for Rust malware samples to practice analyzing? Our Rust Malware Sample Gallery just received a major update, with 20 new families added! https://github.com/decoderloop/rust-malware-gallery
The Sample Gallery collects links to articles about malware written in Rust, organizes them by malware family, and includes a download link to a publicly available sample for every malware family. This is a resource for any malware analyst who wants to get hands-on with real Rust malware.
The last time the Sample Gallery was updated was almost 2 years ago, in January 2024. Since then, there's been an explosive growth in new Rust malware, including all of the following families that are now in the Sample Gallery:
SPICA, KrustyLoader, RustDoor, SSLoad, Fickle Stealer, Cicada3301 Ransomware, RustyClaw, Embargo Ransomware, RustyAttr, Akira Ransomware (both the Akira_v2 and Megazord variants), Banshee (Rust variant), RALord Ransomware, RustoBot, Tetra Loader, EDDIESTEALER, Myth Stealer, Rustonotto, RustyPages, ChaosBot
This is nearly one new Rust malware family observed in the wild, every month. Rust as a programming language for malware is here to stay!
#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing
🦀 Looking for Rust malware samples to practice analyzing? Our Rust Malware Sample Gallery just received a major update, with 20 new families added! https://github.com/decoderloop/rust-malware-gallery
The Sample Gallery collects links to articles about malware written in Rust, organizes them by malware family, and includes a download link to a publicly available sample for every malware family. This is a resource for any malware analyst who wants to get hands-on with real Rust malware.
The last time the Sample Gallery was updated was almost 2 years ago, in January 2024. Since then, there's been an explosive growth in new Rust malware, including all of the following families that are now in the Sample Gallery:
SPICA, KrustyLoader, RustDoor, SSLoad, Fickle Stealer, Cicada3301 Ransomware, RustyClaw, Embargo Ransomware, RustyAttr, Akira Ransomware (both the Akira_v2 and Megazord variants), Banshee (Rust variant), RALord Ransomware, RustoBot, Tetra Loader, EDDIESTEALER, Myth Stealer, Rustonotto, RustyPages, ChaosBot
This is nearly one new Rust malware family observed in the wild, every month. Rust as a programming language for malware is here to stay!
#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing
Donnerstag: EU-Ermittlungen gegen Temu, Preismanipulation von Instacart per KI
Subventionsvorwürfe an Temu + Preiserhöhungen durch Instacart-KI + Nvidias Tracking gegen KI-Chip-Schmuggel + Update für Notepad++ gegen Malware + #heiseshow
#eCommerce #Handel #hoDaily #Journal #Malware #Nvidia #OpenSource #Subventionen #Tracking #Twitter #Updates #Verbraucherschutz #news
If there's one thing from my ~two decades in journalism I still think about with the hatred that burns with the heat of a thousand suns, it's "stalkerware," a kind of phone surveillance used against millions of people around the world
When a documentary crew from my native U.K. reached out to me after reading some of my work investigating these illegal operations, I jumped at the chance to chat with them.
Here's what I've learned in five years reporting on stalkerware.
@zackwhittaker also checkout @maia 's #FuckStalkerware series…
Sabrina Web :privacypride: 📎
boosted
Era ora! Microsoft corregge vulnerabilità di Windows sfruttata da 8 anni
📌 Link all'articolo : https://www.redhotcyber.com/post/era-ora-microsoft-corregge-vulnerabilita-di-windows-sfruttata-da-8-anni/
#redhotcyber #news #microsoft #windows #vulnerabilita #cybersecurity #hacking #malware #sicurezzainformatica
heise online
boosted
Podcast "Passwort" 46: News von Würmern, Schluckauf und Husten
Die Jahreszeit erzeugt auch in der Security-Branche allerlei Malaisen: Cloudflare verschluckt sich bös, NPM hat wieder Wurmbefall – und Christopher hustet.
#IT #JavaScript #Journal #Malware #PasswortPodcast #Podcast #Security #ShaiHulud #news
ajuvo ✔
boosted
GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.
This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.
What protections do you think dev ecosystems should prioritize next?
Follow us for consistent, unbiased cybersecurity coverage.
#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu
heise online
boosted
Android TV: YouTube-Client SmartTube war mit Malware verseucht
Unbekannte konnten SmartTube mit Malware verseuchen und die Version kurzzeitig in Umlauf bringen. Nun gibt der Entwickler Einblicke zum Vorfall.
Era ora! Microsoft corregge vulnerabilità di Windows sfruttata da 8 anni
📌 Link all'articolo : https://www.redhotcyber.com/post/era-ora-microsoft-corregge-vulnerabilita-di-windows-sfruttata-da-8-anni/
#redhotcyber #news #microsoft #windows #vulnerabilita #cybersecurity #hacking #malware #sicurezzainformatica
Podcast "Passwort" 46: News von Würmern, Schluckauf und Husten
Die Jahreszeit erzeugt auch in der Security-Branche allerlei Malaisen: Cloudflare verschluckt sich bös, NPM hat wieder Wurmbefall – und Christopher hustet.
#IT #JavaScript #Journal #Malware #PasswortPodcast #Podcast #Security #ShaiHulud #news
GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.
This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.
What protections do you think dev ecosystems should prioritize next?
Follow us for consistent, unbiased cybersecurity coverage.
#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu
Android TV: YouTube-Client SmartTube war mit Malware verseucht
Unbekannte konnten SmartTube mit Malware verseuchen und die Version kurzzeitig in Umlauf bringen. Nun gibt der Entwickler Einblicke zum Vorfall.
calvin 🛋️
liked this activity
Wow, if you search for signal messenger on DuckDuckGo using Chrome, the actual @signalapp web site is the *third* entry following ads for “Signal Private Messenger – Free Download” that leads to the site appmaus.com and “Get Signal Messenger | Install Signal App” that leads to the site filelocations.com.
DuckDuckGo should be held criminally liable for anyone who ends up downloading malware because of this.
CC @Mer__edith
#DuckDuckGo #Signal #adtech #teachingPeopleHowToGetPhished #malware #security #privacy #BigTech
Joachim
and 2 others
boosted
Wow, if you search for signal messenger on DuckDuckGo using Chrome, the actual @signalapp web site is the *third* entry following ads for “Signal Private Messenger – Free Download” that leads to the site appmaus.com and “Get Signal Messenger | Install Signal App” that leads to the site filelocations.com.
DuckDuckGo should be held criminally liable for anyone who ends up downloading malware because of this.
CC @Mer__edith
#DuckDuckGo #Signal #adtech #teachingPeopleHowToGetPhished #malware #security #privacy #BigTech
heise online
boosted
heise+ | KI-erstellte Malware: Medienhype oder reale Bedrohung?
Künstliche Intelligenz hält Einzug in Malware. Wird Schadsoftware dadurch gefährlicher? Wir ordnen aktuelle Entwicklungen ein und sortieren Übertreibungen aus.
#Cybercrime #IT #KünstlicheIntelligenz #Malware #Ransomware #Security #news
