AsyncRAT – Threat Note

From Krebs on Security – ClickFix: How to Infect Your PC in Three Easy Steps

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is…

Samir K March 15, 2025

News

From Cyber Security News – Microsoft Warns of Cyber Attack Mimic Booking .com To Deliver Password Stealing Malware

Microsoft Threat Intelligence has identified an ongoing phishing campaign impersonating Booking.com to deliver credential-stealing malware. The campaign, which began in December 2024, targets hospitality organizations in North America, Oceania, Asia,…

shaikh Saqib March 14, 2025

News

From The Hacker News – Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails

Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud and theft. It's

shaikh Saqib March 13, 2025

News

From Security Week – Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

[[{"value":"A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering. The post Microsoft Warns of Hospitality Sector Attacks Involving ClickFix appeared…

shaikh Saqib March 13, 2025

News

From The Hacker News – Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates," Check Point said in a new analysis. "More than 1,600 victims were affected during one of

shaikh Saqib March 11, 2025

News

From Security Week – 1,600 Victims Hit by South American APT’s Malware

[[{"value":"South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign. The post 1,600 Victims Hit by South American APT’s Malware appeared first on…

shaikh Saqib March 11, 2025

Vulnerabilities

From Cybersecurity Help – Blind Eagle APT targeting Colombian entities in ongoing espionage campaign

In the recent campaign, the group has been observed exploiting CVE-2024-43451. Read More

shaikh Saqib March 11, 2025

News

From The Hacker News – Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links

The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024. "The campaign, which leverages social media to distribute malware, is tied to the region's current geopolitical climate," Positive Technologies researchers Klimentiy Galkin and Stanislav Pyzhov said in an analysis published last week.

shaikh Saqib March 10, 2025

News

From Cyber Security News – 200 Malicious GitHub Repos Attacking Developers to Deliver Malware

In an era where open-source collaboration drives software innovation, a sophisticated cyber campaign dubbed GitVenom has emerged as a critical threat to developers. Security researchers have uncovered over 200 malicious…

shaikh Saqib February 25, 2025

News

From The Hacker News – GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets

Cybersecurity researchers are calling attention to an ongoing campaign that's targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans hundreds of repositories, has been dubbed GitVenom by Kaspersky. "The infected projects include an automation instrument for interacting with Instagram accounts, a Telegram bot that enables

shaikh Saqib February 25, 2025