Malware | KITEFALL

Microsoft Details Kazuar Malware’s Modular Architecture and P2P Botnet Operations 2026-05-15 18:27 Cyber Security News A nation-state malware known as Kazuar has resurfaced with a far more dangerous design than anyone expected. What once started as a relatively standard backdoor has now grown into a fully modular, peer-to-peer botnet specifically engineered for long-term, …
Microsoft Warns of Attackers Using Trusted HPE Operations Agent for Malware-Free Intrusions 2026-05-15 18:27 Cyber Security News A recent intrusion uncovered by security researchers revealed a calculated attack campaign that used a legitimate enterprise management tool as a weapon. The threat actor gained access through a compromised third-party IT services provider, then quietly …
Hackers Are Abusing Microsoft Teams Chats to Deploy ModeloRAT Malware 2026-05-15 15:50 WindowsReport.com Attackers are abusing Microsoft Teams chats to trick employees into running malicious PowerShell commands, giving them persistent access to corporate networks in under five minutes. According to ReliaQuest research cited by BleepingComputer, initial access …
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer 2026-05-15 15:24 Infosecurity Magazine An undocumented malware implant suspected to be associated with a China-linked actor has been identified by researchers at Cato Networks’ Cyber Threats Research Lab (CTRL). Their discovery was made when they responded to an intrusion attempt affecting the …
OpenAI confirms TanStack attack, 84 malware versions, no user data 2026-05-15 10:02 NewsBytes OpenAI, the team behind ChatGPT, just confirmed a cyberattack that targeted two employees through a popular open-source library called TanStack. Hackers quickly pushed out 84 malware-infected versions designed to steal credentials and spread further. The …
New Malware Framework Enables Screen Control, Browser Artifact Access, and UAC Bypass 2026-05-15 00:21 Cyber Security News A newly uncovered malware framework is raising serious alarms across the cybersecurity community. Researchers have identified a previously unknown implant called TencShell, a sophisticated tool capable of giving attackers full remote control over a …
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS 2026-05-14 23:06 Hackread A fake job interview is now being used as bait to steal crypto wallets, browser credentials, and sensitive files from both Windows and macOS users. Researchers at Dr.Web say the malware campaign revolves around a trojan called JobStealer, which disguises …
TrickMo Android Banking Malware Returns With TON-Based Command System and Device Takeover Features 2026-05-14 18:41 VPNCentral A new TrickMo Android banking malware variant is targeting banking, cryptocurrency wallet, fintech, and authenticator app users with stronger stealth and remote-control features. Security researchers say the latest version, tracked as TrickMo C, uses The …
Google Adds New AI-Powered Android Protections Against Scams, Malware, and Theft 2026-05-14 18:41 VPNCentral Google has announced a new wave of Android security and privacy features designed to stop scams, malicious apps, device theft, and data abuse before they cause harm. The updates combine on-device AI, stronger theft protections, safer app downloads, and …
Stacking the World’s Biggest Malware Vaults: How Tall Would They Really Get? 2026-05-14 14:55 Technology Org Key Takeaways: vx-underground holds around 30 terabytes of malware source code; VirusTotal holds about 31 petabytes of submitted samples. Stacked as 1 TB internal hard drives, vx-underground’s archive would reach roughly 2.5 feet. VirusTotal’s would reach …
Cyber hackers using JPEG files to spread malware 2026-05-14 12:38 Telengana Today Cybersecurity agencies and police have warned users about malware hidden inside JPEG image files and fake wedding invitation scams on WhatsApp. Officials said cybercriminals are using malicious APK files and infected images to steal banking information, …
‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack 2026-05-14 11:39 CyberScoop A rapidly spreading malware campaign has infected hundreds of software packages across major open-source registries, embedding credential-stealing code into development tools downloaded millions of times a week. The attack, referred to as “mini Shai-Hulud …
N.K.-linked hackers using AI to develop malware targeting S. Korean gov't system: report 2026-05-14 10:54 Yonhap News Agency SEOUL, May 14 (Yonhap) -- A North Korea-linked hacking group is leveraging artificial intelligence (AI) technology to develop malicious software targeting the South Korean government's electronic authentication system, a Russian cybersecurity firm said …
Android Will Detect AI Scam, Malware, Financial Fraud 2026-05-14 07:04 Trak.in Google is preparing one of the biggest Android security overhauls ever with Android 17, introducing a massive suite of AI-driven protections aimed at fighting scams, theft, malware, phishing, and financial fraud. The company unveiled the upcoming features …
This is what some of the world’s largest banks of malware look like stacked as hard drives 2026-05-14 02:15 TechCrunch Malware research group vx-underground, which says it has the largest collection of malware source code, said in a post on X that its archive of data amounts to about 30 terabytes. A reply by Bernardo Quintero, founder of VirusTotal, an online service that …
Hackers use hijacked Microsoft Teams accounts to deliver ModeloRAT malware 2026-05-13 18:35 VPNCentral Hackers are abusing Microsoft Teams accounts to impersonate IT support staff and push ModeloRAT malware into corporate environments. The campaign uses a familiar workplace trust trick. Attackers contact employees through Teams, pose as helpdesk staff, and …
North Korean hackers use Git hooks to deliver cross-platform malware 2026-05-13 18:35 VPNCentral North Korean threat actors are using malicious Git hooks to target software developers through fake job interviews and coding assessments. The campaign is linked to the long-running Contagious Interview operation, which uses fake recruiter outreach to …
This is what some the world’s largest banks of malware look like stacked as hard drives 2026-05-13 18:16 TechCrunch Malware research group vx-underground, which says it has the largest collection of malware source code, said in a post on X that its archive of data amounts to about 30 terabytes. A reply by Bernardo Quintero, founder of VirusTotal, an online service that …
TCLBANKER Malware Hijacks WhatsApp and Outlook to Spread Banking Trojan 2026-05-13 17:25 VPNCentral TCLBANKER is a new Brazilian banking trojan that steals financial data and spreads through victims’ own WhatsApp and Microsoft Outlook accounts. Elastic Security Labs tracks the campaign as REF3076 and says the malware appears to be a major update of the …
Fake DeepSeek TUI GitHub Repositories Push Rust Malware at Developers 2026-05-13 17:25 VPNCentral Fake GitHub repositories impersonating DeepSeek TUI are being used to deliver malware to developers and AI users. The campaign abuses interest in AI coding tools by making malicious repositories look like legitimate open-source software pages. DeepSeek TUI …
Fake FinalShell and Xshell Sites Push Kong RAT Malware 2026-05-13 16:58 GBHackers Hackers are abusing fake download sites for popular tools like FinalShell and Xshell to deliver a new remote access trojan known as Kong RAT, in a highly staged and stealthy campaign that ran from at least May 2025 through March 2026. In this campaign, …
Infostealer Malware Fuels Corporate Breaches From Personal Devices 2026-05-13 16:58 GBHackers Infostealer malware is no longer just a consumer nuisance it has become a direct bridge between personal device infections and full-scale enterprise breaches. Once these credentials are harvested and posted on dark web forums, attackers gain immediate …
Adsterra Giải mã Hệ thống Chống Gian lận (Anti-Fraud) và Chống Mã độc (Anti-Malware) 2026-05-13 13:07 EIN Presswire Adsterra cung cấp khả năng bảo vệ đa lớp chống lại gian lận quảng cáo và quảng cáo độc hại, đảm bảo lưu lượng truy cập sạch và kiếm tiền an toàn. LIMASSOL, CYPRUS, May 13, 2026 /⁨EINPresswire.com⁩/ -- Trong suốt nhiều năm qua, Adsterra luôn nhận …
Adsterra Menjelaskan Sistem Anti-Fraud dan Anti-Malware untuk Melindungi Advertiser dan Publisher 2026-05-13 12:56 EIN Presswire Adsterra menyediakan perlindungan berlapis terhadap iklan palsu dan iklan berbahaya, memastikan lalu lintas yang bersih dan monetisasi yang aman. LIMASSOL, CYPRUS, May 13, 2026 /⁨EINPresswire.com⁩/ -- Selama bertahun-tahun, Adsterra dikenal karena …
Adsterra Explains Anti-Fraud and Anti-Malware System Protecting Advertisers and Publishers 2026-05-13 12:06 EIN Presswire Adsterra delivers multi-layered ad fraud and malvertising protection, ensuring clean traffic, secure monetization, and transparent performance. LIMASSOL, CYPRUS, May 13, 2026 /⁨EINPresswire.com⁩/ -- Over the years, Adsterra has been praised for …
Fake Income Tax email alert! ‘SilverFox’ hackers target Indians with dangerous malware 2026-05-13 11:15 The Economic Times The campaign heavily targeted organisations in India across consulting, industrial, transport, and trade sectors. Between January and February 2026 alone, researchers detected over 1,600 malicious emails. Hackers used fear and urgency linked to tax notices …
IPL 2026 Scam Alert: Over 1,000 Fake IPL Websites Target Cricket Fans With Ticket Frauds and Malware Attacks 2026-05-13 08:24 Latestly New Delhi, May 13: More than 1,000 fake IPL-related domains are being used to run online scams and malware attacks targeting cricket fans during the ongoing Indian Premier League season, a report showed on Wednesday. According to an analysis by CloudSEK, …
Over 1,000 fake IPL domains used for scams, malware attacks: Report 2026-05-13 05:58 The Siasat Daily New Delhi: More than 1,000 fake IPL-related domains are being used to run online scams and malware attacks targeting cricket fans during the ongoing Indian Premier League season, a report showed on Wednesday, May 13. According to an analysis by CloudSEK, …
Hackers Insert Malware Into Mistral AI Software Download 2026-05-13 05:27 Decrypt In brief Microsoft said attackers compromised a Mistral AI software download used by developers. The malware allegedly stole credentials and could damage some Linux systems. Mistral said it has no evidence that its infrastructure was compromised. Microsoft …
Mistral AI and TanStack hit in supply chain attack with SLSA-attested malware 2026-05-13 01:38 Cryptopolitan Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, cloud credentials, and password vaults across the AI and crypto developer ecosystem. Microsoft Threat …
What is weaponised JPEG file? Here's how hackers use fake images to deploy malware 2026-05-13 01:05 GEO TV A sophisticated new cyberattack referred to as “Operation SilentCanvas” is attacking Windows users with a fake JPEG file that installs malicious remote access software. The attack initiates with a file named sysupdate.jpeg, which is sent to users via …
Malware is now hiding in Google search ads — here's how to protect yourself 2026-05-13 00:47 MakeUseOf A new malware campaign has been discovered hiding in people’s Google search results when trying to find and download Claude’s Mac app. It’s a stark reminder of just how pervasive advertisements have become in our day-to-day lives, and why using an ad …
North Korean Hackers Weaponize Git Hooks to Deploy Cross-Platform Malware 2026-05-12 22:34 Cyber Security News North Korean hackers have found a new way to hide malware inside the tools that software developers rely on every single day. Instead of sending phishing emails or planting fake links, they are now burying malicious code deep inside Git hooks — small …
Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware 2026-05-12 21:41 SecurityWeek OnlyFans – an attractive brand for hopeful users and their attackers. CRPx0 is a complex, stealthy and persistent malware campaign. It currently targets macOS and Windows systems, and appears to have Linux capabilities in development. It currently …
This devious Android malware has returned disguised as TikTok or streaming apps 2026-05-12 20:28 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter ThreatFabric spotted new TrickMo.C variant targeting Android users in Europe Disguised as TikTok/streaming apps, it steals credentials, intercepts SMS, suppresses …
NWHStealer Malware Now Uses Bun Loader to Evade Detection and Steal Windows Data 2026-05-12 19:12 VPNCentral NWHStealer has returned with a more advanced delivery method that uses the Bun JavaScript runtime to infect Windows PCs. Security researchers say attackers are using fake software downloads, game cheats, and utility tools to hide the malware inside …
Mac users beware — scammers are hijacking Claude chats and Google ads to push malware 2026-05-12 18:18 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Crooks abused Claude’s “Shared Chats” feature to plant fake install instructions leading to infostealer infections Fraudulent chats were promoted via Google Ads, …
Google finds first AI-developed zero-day that bypasses 2FA — self-morphing malware and Gemini-powered backdoors signal a new era of cybercrime 2026-05-12 14:17 Tom's Hardware Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter The Google Threat Intelligence Group (GTIG) has just published a report on the hacktivities of blackhats everywhere, and the painted picture is quite sobering. Not only …
TrickMo Android Banking Malware Targets Banking, Wallet, and Authenticator Apps 2026-05-12 11:31 Cyber Security News A dangerous Android banking malware known as TrickMo has resurfaced with a powerful new variant, and this time it is more stealthy, more capable, and harder to stop than ever before. The threat is actively targeting users of banking apps, digital wallets, …
Google says hackers are using AI to find zero-days and build malware 2026-05-12 11:21 Tech Wire Asia Google says attackers are using AI for zero-days and reconnaissance. Report highlights AI-linked zero-days, Android malware, and AI supply chain attacks. Google threat researchers say attackers are expanding their use of generative AI in cyber operations …
Experts warn of 'highly sophisticated' weaponized JPEG campaign used to send out ScreenConnect malware 2026-05-12 10:15 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Attackers weaponized a .jpeg file to deliver PowerShell payloads, trojanized ScreenConnect, and establish persistence The malware enables credential theft, encrypted C2 …
Microsoft Warns: MistralAI PyPI Package Compromised with Malware 2026-05-12 09:29 GBHackers Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply‑chain attacks, with Microsoft warning that version 2.4.6 of the mistralai package was backdoored to silently deploy a credential‑stealing payload on Linux systems …
MacOS flags ChatGPT as Malware and moves it to Bin 2026-05-11 18:29 Cybersecurity Insiders Over the past couple of days, and more specifically during the last 40 hours, a large number of MacOS users have reported an unexpected and alarming issue involving the ChatGPT application. According to several users, Apple’s MacOS security system has …
Vidar Malware Targets Browser Credentials, Cookies, Crypto Wallets, and System Data 2026-05-11 16:48 Cyber Security News A long-active information stealer is making headlines again, and this time it is targeting more than just passwords. Vidar malware, a credential-harvesting tool in circulation since late 2018, has been observed running through a sophisticated multi-stage …
Hackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malware 2026-05-11 16:48 Cyber Security News A sophisticated new cyberattack campaign is targeting Windows systems using a fake image file to sneak dangerous malware past security defenses. The operation, named Operation SilentCanvas, tricks victims into running a malicious PowerShell script …
Trending Hugging Face Repo With 200k Downloads Executes Malware on Windows Machines 2026-05-11 16:48 Cyber Security News A popular artificial intelligence repository on Hugging Face was recently found hiding dangerous malware that targeted Windows users. The repository, named “Open-OSS/privacy-filter,” had racked up over 200,000 downloads before the platform’s team …
Hackers Use Fake DeepSeek TUI GitHub Repositories to Deliver Malware 2026-05-11 16:48 Cyber Security News Hackers are once again targeting developers and AI enthusiasts by impersonating popular open-source tools on GitHub. This time, the target is DeepSeek TUI, a legitimate terminal-based intelligent agent that allows users to interact with DeepSeek large …
Hackers Use PlugX-Like DLL Sideloading Chain in Fake Claude Malware Campaign 2026-05-11 16:48 Cyber Security News Cybercriminals are getting creative with how they lure victims into downloading malware, and a new campaign involving a fake version of Anthropic’s Claude AI assistant is raising serious concerns. Attackers set up a convincing lookalike website to …
A fake OpenAI repository has taken top spot on Hugging Face — but all it does is push infostealer malware 2026-05-11 15:13 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Attackers typosquatted an OpenAI repo on HuggingFace, distributing an infostealer disguised as a “privacy filter” model The malware disabled SSL checks, escalated …
Top download manager JDownloader hacked — installers replaced with dangerous malware 2026-05-11 13:23 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Attackers exploited a CMS flaw to replace Windows and Linux installer links with malware‑laden versions between May 6–7, 2026 The poisoned installers deployed a Python‑ …