Phishing attack hides JavaScript using invisible Unicode trick
A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action committee (PAC). Juniper Threat Labs that spotted the attack reports that it took place in early January 2025 and carries signs of sophistication such as the use of: […]
New FrigidStealer infostealer infects Macs via fake browser updates
The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. The new malware is delivered to Mac users, but the same campaign also uses Windows and Android payloads to cover a broad range of targets. The […]
Australian fertility services giant Genea hit by security breach
Genea, one of Australia’s largest fertility services providers, disclosed that unknown attackers breached its network and accessed data stored on compromised systems. Genea issued a statement on Wednesday, saying it’s “urgently investigating a cyber incident” after detecting “suspicious activity” on its network. “Our ongoing investigation has identified that an unauthorised third party has accessed Genea data. We are urgently […]
Palo Alto Networks tags new firewall bug as exploited in attacks
Palo Alto Networks warns that a file read vulnerability (CVE-2025-0111) is now being chained in attacks with two other flaws (CVE-2025-0108 with CVE-2024-9474) to breach PAN-OS firewalls in active attacks. The vendor first disclosed the authentication bypass vulnerability tracked as CVE-2025-0108 on February 12, 2025, releasing patches to fix the vulnerability. That same day, Assetnote […]
Russian phishing campaigns exploit Signal’s device-linking feature
Russian threat actors have been launching phishing campaigns that exploit the legitimate “Linked Devices” feature in the Signal messaging app to gain unauthorized access to accounts of interest. Over the past year, researchers observed phishing operations attributed to Russian state-aligned groups that used multiple methods to trick targets into linking their Signal account to a […]
New WinRAR version strips Windows metadata to increase privacy
WinRAR 7.10 was released yesterday with numerous features, such as larger memory pages, a dark mode, and the ability to fine-tune how Windows Mark-of-the-Web flags are propagated when extracting files. WinRAR is a popular file archiver and compression tool for Windows that allows users to create, extract, and manage compressed files, primarily in RAR, ZIP, […]
Cracked Garry’s Mod, BeamNG.drive games infect gamers with miners
A large-scale malware campaign dubbed “StaryDobry” has been targeting gamers worldwide with trojanized versions of cracked games such as Garry’s Mod, BeamNG.drive, and Dyson Sphere Program. These titles are top-rated games with hundreds of thousands of ‘overwhelmingly positive’ reviews on Steam, making them good targets for malicious activity. It’s worth noting that a laced Beamng […]
Venture capital giant Insight Partners hit by cyberattack
New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack. The company manages over $90 billion in regulatory assets and has invested in over 800 software and technology startups and companies worldwide during its 30 years of activity. In a statement […]
Microsoft reminds admins to prepare for WSUS driver sync deprecation
Microsoft once again reminded IT administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18, just 60 days from now. After its deprecation, the company encourages enterprises to adopt cloud-based solutions for client and server updates, like Windows Autopatch, Azure Update Manager, and Microsoft Intune. “For on-premises contexts, drivers […]
Chinese hackers abuse Microsoft APP-v tool to evade antivirus
The Chinese APT hacking group “Mustang Panda” has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes to evade detection by antivirus software. This technique was discovered by threat researchers at Trend Micro, who track the threat group as Earth Preta, reporting that they have verified over […]