CSOonline

New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads

The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence. A newly uncovered ...
SecurityWeek

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...
Bleeping Computer

CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups

CTM360 reports that more than 4,000 malicious Google Groups and 3,500 Google-hosted URLs are being used in an active malware campaign targeting global organizations. The attackers abuse Google’s ...

Google Lens Chrome Browser Tool Compromised To Steal Credentials

Chrome users have been warned that an tool claiming to search the screen with Google Lens was, in fact, a credential stealer.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
ZDNet

Half of all cyberattacks start in your browser: 10 essential tips for staying safe

Browser activity is involved in nearly half of all cybersecurity incidents. Attack vectors include malicious links, credential-harvesting scripts, and content injection. Following these key best ...
AOL

Fake ad blocker breaks PCs in new malware extension scam

Fake browser extensions are nothing new, but this one takes things a step further by deliberately breaking your computer to scare you into infecting it. Security researchers have uncovered a malicious ...
TechRepublic

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A new social engineering campaign is abusing fake CAPTCHA verification pages to trick Windows users into launching StealC information-stealing malware. The attack relies on compromised websites that ...