Cybercriminals are actively targeting cryptocurrency users with social engineering campaigns that impersonate AI, gaming, and Web3 companies through fake social media accounts and legitimate platforms. The effort involves malware delivery via fake startup websites, aiming to steal digital assets on Windows and macOS systems. #Realst #AtomicStealer…
Tag: MACOS
Three real-world cloud compromises affecting Microsoft Azure and Amazon Web Services environments were analyzed, revealing threat actors using stolen credentials to gain unauthorized access, exfiltrate data, and deploy ransomware. The cases highlight the importance of AI-driven anomaly detection and autonomous response to contain attacks and prevent escalation. #MicrosoftAzure #AmazonWebServices #Rclone #AkiraRansomware
Cybersecurity experts report a surge in sophisticated spyware and infostealer campaigns, including the Batavia spyware targeting Russian firms and the Atomic Stealer strain targeting Mac users globally. New botnets such as RondoDox and hpingbot are also exploiting vulnerabilities to launch stealthy DDoS attacks, underlining persistent threats to organizations worldwide. #Batavia #AtomicStealer #RondoDox #hpingbot
Atomic macOS Stealer (AMOS) has been upgraded with an embedded backdoor, enabling persistent remote access and full control over infected Macs. This evolution significantly increases the threat level, as it now facilitates long-term surveillance, keylogging, and broader system exploitation for targeted cybercriminal campaigns. #AtomicmacOSStealer #Backdoor #MacPaw #Moonlock
This cybersecurity recap highlights the abuse of legitimate tools like Inno Setup and Shellter Elite by cybercriminals to distribute stealthy malware and evade detection. It also reports on sophisticated nation-state espionage campaigns by North Korea, TAG-140, APT36, and NightEagle, targeting critical sectors across different regions. #InnoSetupAbuse #ShellterElite #NimDoor #TAG-140 #APT36 #NightEagle
Cybersecurity researchers have uncovered a campaign using SEO poisoning and malvertising to distribute malware like Oyster, Vidar, Lumma, and Legion Loader across fake websites and search results. These malicious activities target both IT professionals and general consumers, exploiting popular AI tools and well-known brands to deliver stealer payloads and conduct financial…
A new version of the Atomic macOS info-stealer, known as ‘AMOS’, now includes a backdoor for persistent remote access. This evolution enhances the malware’s capabilities, allowing full system control and affecting users in over 120 countries. #AtomicStealer #AMOS #MacOSBackdoor #CyberThreats
Grafana has released security patches for four high-severity vulnerabilities in the Chromium browser engine bundled with Grafana Image Renderer and the Synthetic Monitoring Agent, covering remote code execution and out-of-bounds memory access. One of them, CVE-2025-6554 in the V8 JavaScript engine, had already been exploited in the wild before the fix shipped. #CVE-2025-6554 #V8JavaScriptEngine…
North Korean threat actors are targeting Web3 and crypto companies with NimDoor, a sophisticated macOS backdoor disguised as a Zoom update. The malware uses encrypted communication, complex multi-language code, and unique persistence techniques to steal sensitive data and avoid detection. #NimDoor #NorthKoreaThreats #Web3Security #CryptoAttacks…
This week’s cybersecurity recap highlights critical vulnerabilities such as CVE-2025-5777 (CitrixBleed 2) in Citrix NetScaler, already under active exploitation, and CVE-2025-20309 in Cisco Unified Communications Manager, alongside campaigns by threat actors like APT28 and MuddyWater. Emerging malware activity includes the Flodrix botnet and evasion techniques such as the Shellter loader and steganography. #CitrixBleed #MuddyWater
This cybersecurity recap highlights recent ransomware incidents, data breaches affecting millions, and the emergence of North Korean malware targeting macOS and crypto sectors. It also underscores ongoing geopolitical cyber cooperation and critical vulnerabilities in enterprise software, emphasizing the importance of timely patching and global collaboration. #HuntersInternational #KellyBenefits #Qantas #NimDoor #ITArmyOfRussia #Forminator #TeleMessage #CyberDome
North Korean hackers are increasingly targeting web3 and crypto organizations by infecting macOS systems with Nim-compiled malware delivered via fake Zoom updates and impersonation. Their tooling combines Nim binaries, AppleScripts, and signal handlers for persistence and data exfiltration. #PyongyangAPT #NimDoor…
North Korean threat actors employ Nim-compiled binaries and multi-stage attack chains targeting Web3 and cryptocurrency businesses on macOS, utilizing novel persistence methods and process injection techniques. Their malware leverages heavily obfuscated AppleScripts for initial access and continuous backdoor communications, along with Bash scripts to exfiltrate sensitive user data such as browser credentials and Telegram messages. #NimDoor #DPRKThreatActors #macOSMalware #ProcessInjection #AppleScriptBeacon
North Korean threat actors have developed the highly advanced NimDoor malware targeting macOS, specifically aimed at web3 and cryptocurrency organizations. This sophisticated malware employs signal-based persistence and modular components to exfiltrate sensitive data and maintain resilience against defenses. #BlueNoroff #NimDoor
North Korean-linked threat actors are targeting Web3 and cryptocurrency companies with Nim-based malware called NimDoor, employing advanced persistence and communication techniques. They also utilize social engineering and multi-stage attack chains on macOS and Windows platforms to steal data and maintain control. #NorthKorea #NimDoor…