New FileFix attack uses cache smuggling to evade security software

A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim's system and bypassing security software.

Fake itch.io game pages are secretly stealing gamer accounts and planting malware

Malwarebytes tells gamers to be careful about downloading games from websites that look like (but aren't) Itch.io.
The Hacker News

BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers

The executable is a Golang malware dubbed Vampire Bot that can profile the infected host, steal a wide range of information, ...
GovInfoSecurity

Hackers Exploit RMM Tools to Deploy Malware

Cybercriminals are hijacking trusted remote monitoring and management tools to bypass defenses, gain persistent access and ...

Android spyware pretends to be Signal or ToTok update to fool victims - here's how to stay safe

ProSpy and ToSpy malware campaigns spoof Signal and ToTok to infect Android users Malware exfiltrates SMS, contacts, files, and disguises itself as Google Play Services Apps spread via third-party ...

Meta account suspension scam hides FileFix malware

New FileFix attack tricks Facebook and Instagram users into running malicious PowerShell commands disguised as Meta account maintenance to deploy StealC infostealer.
The Hacker News

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

WhatsApp malware SORVEPOTEL infects 477 systems in Brazil, spreading via phishing ZIP files and spamming contacts.

Android spyware campaigns impersonate Signal and ToTok messengers

Two new spyware campaigns that researchers call ProSpy and ToSpy lured Android users with fake upgrades or plugins for the ...
LancsLive on MSN

All Microsoft Teams users warned over new threat to your PC

Cyber security experts have issued a warning to anyone who uses Microsoft Teams as they have discovered a new attack ...