cybersecurity threats 2025

From The Hacker News – Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings

Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. "One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a

shaikh Saqib April 8, 2025

News

From Cyber Security News – New NPM Attack Infecting Local Packages With Cleverly Hidden Malicious Payload

The NPM package repository remains active, and despite a decline in malware numbers between 2023 and 2024, this year’s numbers don’t seem to continue that downward trend. Recently, security researchers…

shaikh Saqib March 26, 2025

News

From Security Week – macOS Users Warned of New Versions of ReaderUpdate Malware

[[{"value":"macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages. The post macOS Users Warned of New Versions of ReaderUpdate…

shaikh Saqib March 26, 2025

News

From The Hacker News – Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. "The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within trusted, well-known

shaikh Saqib March 3, 2025