CSO Online

New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads

The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence.
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.

Infostealer malware found stealing OpenClaw secrets for first time

With the massive adoption of the OpenClaw agentic AI assistant, information-stealing malware has been spotted stealing files ...
TechRadar

North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Lazarus Group evolving Operation Dream Job campaign to target Web3 developers New “Graphalgo” variant uses malicious dependencies in legitimate bare-bone projects on PyPI/npm ReversingLabs found ~200 ...

New 'Massiv' Android banking malware poses as an IPTV app

A newly identified Android banking trojan named Massiv has been under active distribution across south Europe, disguised as ...
Make Tech Easier

Malware Ridden Fake CAPTCHAs Make Me Hate CAPTCHAs Even More

Is that CAPTCHA you just encountered real? Find out how fake CAPTCHAs are installing hidden malware and how to stay safe.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

ATMs are getting hacked the old-fashioned way: with keys and USB drives

Banks across the United States are grappling with a wave of physical malware attacks on their ATMs, according to a new cybersecurity alert from the Federal ...
Pacific Daily News

Judge sets PUA fraud case trial for Sept. 22; Forbes report says Microsoft gave FBI keys to unlock encrypted data in Guam case

District Court of Guam Magistrate Judge Michael Bordallo set a Sept. 22 trial for the Pandemic Unemployment Assistance program fraud ring case involving seven defendants, among them close family ...