### #CitrineSleet #InletDrift #DeFiHeist
Summary: Radiant Capital has attributed a $50 million cryptocurrency theft to North Korean threat actors known as Citrine Sleet, following a sophisticated cyberattack that exploited vulnerabilities in their systems. The attack involved malware that bypassed m…
Tag: MACOS
### #Web3Security #MeetenMalware #CryptoTheft
Summary: Cybercriminals are exploiting the Web3 sector by using fake business meetings to distribute malware that targets cryptocurrency assets. Dubbed “Meeten,” this campaign employs sophisticated social engineering tactics to lure victims into download…
Cado Security Labs have identified a new sophisticated scam targeting people who work in Web3. The campaign includes crypto stealer Realst that has both macOS and Windows variants, and has been active for around four months. The threat actors behind the malware have set up fake companies using AI to make…
### #IndustrialAutomation #HMIExploits #SCADAThreats
Summary: Researchers have identified critical vulnerabilities in mySCADA’s myPRO software that could allow remote attackers to gain unauthorized access to critical infrastructure. The vulnerabilities pose significant risks due to the software’s wi…
### #GameEngineExploitation #MalwareDistribution #OpenSourceThreats
Summary: Hackers have leveraged the GodLoader malware to exploit the Godot game engine, infecting over 17,000 systems in just three months by using the engine’s capabilities to evade detection. This malware targets gamers across mul…
### #BansheeStealer #MalwareLeak #MacOSThreats
Summary: The source code for the macOS malware Banshee Stealer has been leaked and published on GitHub, leading to the shutdown of its operations by its developers. This malware, which targeted sensitive data, was previously promoted by Russian hackers….
CryptoLove is a notorious group involved in cryptocurrency scams, utilizing sophisticated methods to deceive victims and steal funds. They operate through a hierarchical structure, employing various tools and platforms to execute their scams. #CryptoScams #Cyb…
### #MacOSMalware #BANSHEEStealer #MaaSThreats
Summary: In August 2024, Russian hackers released BANSHEE Stealer, a macOS malware designed to steal sensitive data from browsers and cryptocurrency wallets. The malware’s source code was later leaked, leading to the shutdown of its operations. Threat A…
Summary: Check Point Research has uncovered a new malware distribution technique exploiting the Godot Engine, allowing cybercriminals to execute malicious GDScript code undetected by most antivirus solutions. This technique has led to the infection of over 17,…
### #MallocStackLoggingExploit #LocalPrivilegeEscalation #AppleVulnerability
Summary: A critical vulnerability in Apple’s MallocStackLogging framework allows attackers to achieve local privilege escalation on macOS systems, posing a significant security risk. Despite Apple’s mitigations, the flaw ca…
### #ZeroDayExploits #AppleSecurity #OracleVulnerabilities
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added new vulnerabilities to its Known Exploited Vulnerabilities catalog, including critical flaws in Apple and Oracle products that are actively being exploited….
### #AppleSecurity #ThreatAnalysis #ZeroDayVulnerabilities
Summary: Apple has released critical security updates addressing two actively exploited vulnerabilities in its operating systems, discovered by Google’s Threat Analysis Group. The vulnerabilities, CVE-2024-44308 and CVE-2024-44309, primarily…
Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. “Today they are going to send me a report on the supposed hacking.”…
### #WorkflowKitExploit #RaceConditionThreat #ShortcutSecurityFlaw
Summary: A critical security flaw in WorkflowKit, identified as CVE-2024-27821, allows malicious apps to intercept and modify shortcut files during the extraction process. This vulnerability poses significant risks, including the pot…
### #CyberSecurity #Malware #AIThreats
Summary: Fake AI image and video generators are being used to distribute Lumma Stealer and AMOS malware, targeting Windows and macOS systems to steal sensitive information such as credentials and cryptocurrency wallets. These malicious sites impersonate a legit…