Purple Fox rootkit discovered in malicious Telegram installers
The Minerva Labs cybersecurity team released a report earlier this week regarding the Purple Fox rootkit and its distribution via fake Telegram installers online. Working with MalwareHunterTeam, the cybersecurity forces stated that Purple Fox is being disguised through a file named Telegram Desktop.exe. The infection process has made the malware
Cryptomining Malware Found In Spider-Man: No Way Home Torrents
New research has shown that pirated copies of the popular new movie Spider-Man: No Way Home contain crypto-mining malware designed to mine the Monero cryptocurrency. According to researchers at ReasonLabs, the first infected copies were found in the Russian language. The movie is the first to gross more than $1
Telegram Abused to Steal Crypto-Wallet Credentials
Attackers are leveraging the Telegram messaging platform to target the crypto-wallets of users. The attackers behind the campaign are using the Echelon information stealer in an effort to defraud new or unsuspecting users of a cryptocurrency discussion channel on the messaging platform. The attackers are using the Telegram handle
Malicious Joker App Scores Half-Million Downloads on Google Play
Security researchers found the Joker malware back on the Google Play app, this time hidden in the Color Message app. The application was reportedly downloaded more than 500,000 times before it was removed from the platform. Users should immediately remove the application from their devices in order to mitigate any
Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
Microsoft has addressed a recently discovered vulnerability that was exploited in the wild to deliver Emotet, Trickbot, and other botnets via fake applications. The vulnerability was included in the company’s December Patch Tuesday, along with five other publicly known bugs and seven critical security vulnerabilities. In total, this month’s security
Hotel Guests Locked Out of Rooms After Ransomware Attack
Last week, a popular Scandinavian hotel chain warned that a ransomware attack rendered its key system unusable. The attack may have also led to the theft of sensitive or personal information related to bookings. The hotel is a chain called Nordic Choice and operates 200 locations across the region, with
SolarWinds Attackers Spotted Using New Tactics, Malware
The Russian threat actors behind the SolarWinds attacks, which Microsoft refers to as Nobelium, are allegedly conducting attacks using new tactics and malware. Just one year after the devastating SolarWinds supply-chain attacks, the perpetrators are compromising global businesses and government targets with the new malware, stealing data and moving laterally
Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users
Attackers are impersonating the Iranian government in the latest SMS malware campaign against Iranian residents. The attackers are using socially engineered messages to compromise devices, seeking bank credentials. The campaign targets Android users by installing bank information-stealing malware that can exfiltrate credit card data and siphon money from financial accounts.
Nearly 10 Million Android Gamers Hit With Malware From Huawei AppGallery
Security researchers at Doctor Web have discovered dozens of malicious games hiding in AppGallery responsible for infecting victims with a new variant of the Cynos malware. Cynos has been affecting Android users for seven years and is concealed in everything from adult content apps to harmless-looking virtual pet games. Doctor
This stealthy malware hides behind an impossible date
Security researchers have found a new remote access trojan called CronRAT that hides in scheduled tasks on Linux servers. The RAT is set to execute on February 31, a date that does not exist. The trojan uses this tactic to avoid detection. CronRAT was discovered by security specialist Sansec and