Priced $2,000 - $6,000 on a cybercrime forum, the MaaS toolkit promises publication on the Chrome Web Store.

The post ‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing appeared first on SecurityWeek.

Another day, another fake CAPTCHA scam, but this one abuses Microsoft’s signed tools.

Say hello to Stanley, a new malicious toolkit that guarantees bypassing Google’s Chrome Web Store review process.

10 years after disrupting the Ukrainian power grid, the APT targeted Poland with data-wiping malware.

The post Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid appeared first on SecurityWeek.

Researchers on Friday said that Poland’s electric grid was targeted by wiper malware, likely unleashed by Russia state hackers, in an attempt to disrupt electricity delivery operations.

A cyberattack, Reuters reported, occurred during the last week of December. The news organization said it was aimed at disrupting communications between renewable installations and the power distribution operators but failed for reasons not explained.

Wipers R Us

On Friday, security firm ESET said the malware responsible was a wiper, a type of malware that permanently erases code and data stored on servers with the goal of destroying operations completely. After studying the tactics, techniques, and procedures (TTPs) used in the attack, company researchers said the wiper was likely the work of a Russian government hacker group tracked under the name Sandworm.

Read full article

Comments

© Getty Images

A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft.

The post Data Leak Exposes 149M Logins, Including Gmail, Facebook appeared first on TechRepublic.

A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft.

The post Data Leak Exposes 149M Logins, Including Gmail, Facebook appeared first on TechRepublic.

Another day, another trove of login credentials in plain text found online.

According to authorities, both suspects were in the United States unlawfully.

Researchers with Cyata and BlueRock uncovered vulnerabilities in MCP servers from Anthropic and Microsoft, feeding ongoing security worries about MCP and other agentic AI tools and their dual natures as both key parts of the evolving AI world and easy targets for threat actors.

The post Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks appeared first on Security Boulevard.

When ransomware cripples a business’s systems or stealthy malware slips past defenses, the first instinct is to get everything back online as quickly as possible. That urgency is understandable — Cybersecurity Ventures estimates ransomware damage costs $156 million per day. But businesses cannot let speed overshadow the more pressing need to understand exactly what happened,..

The post From Incident to Insight: How Forensic Recovery Drives Adaptive Cyber Resilience appeared first on Security Boulevard.

Fake Captcha and “ClickFix” lures have emerged as among the most persistent and deceptive malware-delivery mechanisms on the modern web. These pages mimic legitimate verification challenges from trusted services like Cloudflare, tricking users into executing malicious commands disguised as security checks or browser validation steps. What appears to be a routine security interstitial something millions […]

The post Fake Captcha Exploits Trusted Web Infrastructure to Distribute Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated three-stage malware attack campaign against Windows users in South Korea using specially crafted LNK (shortcut) files. The attack begins with a deceptive LNK file named “실전 트레이딩 핵심 비법서.pdf.lnk” (translating to “Practical Trading Core Secret Book”), specifically crafted to target South Korean investors seeking financial guidance. This social engineering approach exploits users’ trust […]

The post Threat Actors Exploit LNK Files to Deploy MoonPeak Malware on Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Unlike traditional attacks that rely on exploits, this succeeds through social engineering combined with abuse of Windows' own security architecture.

The post Hackers Disable Windows Security With New Malware Attack appeared first on TechRepublic.

Unlike traditional attacks that rely on exploits, this succeeds through social engineering combined with abuse of Windows' own security architecture.

The post Hackers Disable Windows Security With New Malware Attack appeared first on TechRepublic.

That LinkedIn message pretending to be job offer could just be malwre.

Sysdig TRT analysis reveals VoidLink as a revolutionary Linux threat. Using Serverside Rootkit Compilation and Zig code, it targets AWS and Azure with adaptive stealth.

A sophisticated multi-stage malware campaign targeting Russian users, leveraging social engineering, legitimate cloud services, and native Windows functionality to achieve full system compromise without exploiting vulnerabilities. The campaign begins with deceptively crafted business-themed documents delivered via compressed archives. Victims receive Russian-language files that appear to be routine accounting tasks, but the archive contains a malicious […]

The post New Multi-Stage Windows Malware Disables Microsoft Defender, Deploys Malicious Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated new Android malware family dubbed “Android.Phantom” that leverages artificial intelligence to automate ad-clicking fraud while establishing a persistent command-and-control infrastructure through dual-mode operation. The malware operates through two distinct modes “phantom” and “signaling” controlled from the hxxps://dllpgd[.]click command server. The ML model downloads from hxxps://app-download[.]cn-wlcb[.]ufileos[.]com and analyzes screenshots of virtual screens to identify and automatically click ad […]

The post New AI-Powered Android Malware Automatically Clicks Ads on Infected Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated evolution of the ClearFake malware campaign has emerged, deploying advanced evasion techniques that abuse legitimate Windows components to bypass endpoint detection systems. The operation, which has compromised hundreds of websites since August 2025, now leverages a command injection vulnerability in a trusted Windows script to silently execute malicious PowerShell code, while hosting its […]

The post ClearFake malware Exploits Proxy Execution to Run Malicious PowerShell Commands via Trusted Windows Feature appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.