Researchers have identified a sophisticated new strain of malware that bypasses traditional detection mechanisms by entirely omitting the Portable Executable (PE) header in Windows environments. […]
Author: cyberbytes
Weaponized PyPI Package Executes Supply Chain Attack to Steal Solana Private Keys
A chilling discovery by Socket’s Threat Research Team has exposed a meticulously crafted supply chain attack on the Python Package Index (PyPI), orchestrated by a […]
Hackers Use AI-Generated Videos on TikTok to Spread Info-Stealing Malware
TrendMicro has uncovered a sophisticated campaign where threat actors are exploiting TikTok to distribute information-stealing malware. By leveraging AI-generated videos posing as tutorials for unlocking […]
U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud
The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based company named Funnull Technology Inc. and its administrator […]
Passwortlose Authentifizierung wird für CISOs immer wichtiger
Selbst MFA ist vor raffinierten, KI-gesteuerten Phishing-Angriffen nicht sicher. Biometrische Verfahren gelten als vielversprechende Alternative. CC7 – shutterstock.com Die rasante Entwicklung von KI-Agenten eröffnet Cyberkriminellen […]
Next.js Dev Server Vulnerability Leads to Developer Data Exposure
A recently disclosed vulnerability, CVE-2025-48068, has raised concerns among developers using the popular Next.js framework. This flaw, affecting versions 13.0.0 through 15.2.1 when the App […]
Safari Flaw Exploited by BitM Attack to Steal User Login Data
A new wave of phishing attacks, known as Fullscreen Browser-in-the-Middle (BitM) attacks, is exploiting browser features to steal user credentials with unprecedented stealth. Unlike traditional […]
Void Blizzard nimmt NATO-Organisationen ins Visier
Russische Hacker ändern ihre Taktik von Passwort-Spraying zu Phishing, aber ihre Ziele innerhalb der NATO bleiben gleich. PX Media – Shutterstock.com Seit über einem Jahr […]
New Rust-Based InfoStealer Uses Fake CAPTCHA to Deliver EDDIESTEALER
A newly discovered Rust-based infostealer, dubbed EDDIESTEALER, has been uncovered by Elastic Security Labs, spreading through a sophisticated social engineering tactic involving fake CAPTCHA verification […]
North Korean IT Workers Exploit Legitimate Software and Network Tactics to Evade EDR
A North Korean IT worker, operating under a false identity, was uncovered infiltrating a Western organization with a sophisticated remote-control system. This incident, exposed during […]