VulnHub

Real-time Cybersecurity News

Articles tagged "Malware"

Found 36 articles

New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices

The Hacker News

The Sturnus Android banking trojan poses a significant threat by enabling credential theft and complete device takeover for financial fraud. Its unique capability to bypass encrypted messaging by capturing decrypted content directly from the device screen raises serious concerns about user privacy and security.

Impact: Android devices
Remediation: Users should ensure their devices are updated with the latest security patches, avoid downloading unverified apps, and consider using additional security measures such as two-factor authentication.
AndroidTrojanMalware
Read Original
Blockchain and Node.js abused by Tsundere: an emerging botnet

Securelist

Actively Exploited

Kaspersky GReAT experts have identified the Tsundere botnet, which utilizes Node.js-based bots to exploit web3 smart contracts. The campaign poses a significant cybersecurity threat as it spreads through MSI installers and PowerShell scripts, indicating a sophisticated method of propagation.

Impact: Node.js, web3 smart contracts, MSI installers, PowerShell scripts
Remediation: Implement security measures to monitor and restrict the use of MSI installers and PowerShell scripts. Regularly update and patch Node.js environments and web3 applications.
ExploitBotnetMalware
Read Original
TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

The Hacker News

Actively Exploited

The TamperedChef malware campaign exploits fake software installers to distribute JavaScript malware, enabling remote access and control of infected systems. This ongoing global threat poses significant risks to users who may unknowingly install these malicious applications.

Impact: N/A
Remediation: Users should avoid downloading software from unverified sources and ensure that their security software is up to date to detect and block malicious installations.
Malware
Read Original
CISA Releases Guide to Mitigate Risks from Bulletproof Hosting Providers

All CISA Advisories

The Cybersecurity and Infrastructure Security Agency (CISA) has released a guide to help Internet Service Providers (ISPs) mitigate risks associated with Bulletproof Hosting (BPH) providers that facilitate cybercriminal activities like ransomware and phishing. The guide emphasizes the importance of collaboration and proactive measures to reduce the effectiveness of BPH infrastructure, which poses significant threats to critical systems and services.

Impact: Bulletproof Hosting providers, cybercriminal activities including ransomware, phishing, malware delivery, denial-of-service attacks.
Remediation: Curate malicious resource lists, implement filters to block malicious traffic, analyze network traffic for anomalies, use logging systems to track ASNs and IP addresses, share intelligence with public and private entities, notify customers about malicious resources, provide premade filters, set accountability standards, and vet customers to prevent BPH abuse.
RansomwarePhishingMalwareCritical
Read Original
IT threat evolution in Q3 2025. Non-mobile statistics

Securelist

The report highlights the evolving landscape of IT threats in Q3 2025, focusing on malware targeting Windows and macOS personal computers, as well as IoT devices. This indicates a growing severity of cyber threats that could have significant implications for users and organizations relying on these systems.

Impact: Windows personal computers, macOS personal computers, Internet of Things (IoT) devices
Remediation: N/A
WindowsmacOSMalware
Read Original
EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates

The Hacker News

Actively Exploited

The threat actor PlushDaemon has deployed a new Go-based network backdoor called EdgeStepper, which enables adversary-in-the-middle attacks by hijacking DNS queries. This redirection leads to the potential compromise of legitimate software updates, posing a significant risk to affected systems.

Impact: N/A
Remediation: Implement DNS security measures, monitor network traffic for anomalies, and ensure software updates are obtained from verified sources.
Malware
Read Original
PreviousPage 3 of 3