A new MacStealer macOS malware allows operators to steal iCloud Keychain data and passwords from infected systems. Uptycs researchers team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems. The macOS malware can steal documents, credit card data, cook

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers’ perspective. In thirty days, the o

China-linked Earth Preta cyberespionage group has been observed adopting new techniques to bypass security solutions. Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. Earth Preta, also known as “RedDelta” or “Bronze

Researchers discovered a malicious package on PyPI that uses Unicode to evade detection while stealing sensitive data. Supply chain security firm Phylum discovered a malicious Python package on the Python Package Index (PyPI) repository that uses Unicode to evade detection and deliver information-stealing malware. The package, named onyxproxy, was uplo

Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyber attack with the help of the FBI and US CISA. The Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyberattack that last week hit the agency. The agency quickly activated the incident response procedure after the attack. The attack was disclosed on March 19, and

The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of early-stage ransomware at

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of the Operation Soft

Clop ransomware gang added the City of Toronto to the list of its victims, it is another organization compromised by exploiting GoAnywhere zero-day. Clop ransomware gang added the City of Toronto to the list of victims published on its Tor leak site. The City was targeted as part of a campaign exploiting the recently disclosed zero-day vulnerability

An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection ve

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications. The Nexus ransomware was first

Dole Food Company confirmed that threat actors behind the recent ransomware attack had access to employees’ data. Dole Food Company is an Irish agricultural multinational corporation, it is one of the world’s largest producers of fruit and vegetables, operating with 38,500 full-time and seasonal employees who supply some 300 prod

A tainted version of the legitimate ChatGPT extension for Chrome, designed to steal Facebook accounts, has thousands of downloads. Guardio’s security team uncovered a new variant of a malicious Chat-GPT Chrome Extension that was already downloaded by thousands a day. The version employed in a recent campaign is based on a legitimate open-source project

The European Union Agency for Cybersecurity (ENISA) published its first cyber threat landscape report for the transport sector. A new report published by the European Union Agency for Cybersecurity (ENISA) analyzes threats and incidents in the transport sector. The report covers incidents in aviation, maritime, railway, and road transport industries betwe

Threat actors are targeting organizations located in Donetsk, Lugansk, and Crimea with a previously undetected framework dubbed CommonMagic. In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously un

New ShellBot DDoS bot malware, aka PerlBot, is targeting poorly managed Linux SSH servers, ASEC researchers warn. AhnLab Security Emergency response Center (ASEC) discovered a new variant of the ShellBot malware that was employed in a campaign that targets poorly managed Linux SSH servers. The ShellBot, also known as PerlBot, is a Perl-based DDoS bot t