Malware

Windows machines are being targeted by the BITSLOTH backdoor malware, researchers said.

Fake ads for Google Authenticator are delivering GitHub-hosted malware.

OneDrive users are being tricked into running a malicious PowerShell script to compromise systems.

Attackers use malicious Python PI package to exfiltrate Google Cloud creds from macOS systems.

Germany-based CrowdStrike customers are being targeted by a new spear-phishing campaign.

More than 3,000 fraudulent GitHub accounts have been leveraged by the Stargazer Goblin threat operation's Stargazers Ghost Network to facilitate the distribution of various malicious payloads, particularly information-stealing malware such as Atlantida Stealer, Lumma Stealer, RedLine, Rhadamanthys, and RisePro.

Attacks exploiting the already patched Windows Defender SmartScreen flaw, tracked as CVE-2024-21412, continue to be launched by threat actors looking to stealthily distribute malware with credential theft, backdoor access, activity monitoring, and remote key logging capabilities.