#SystemBC #malware turns infected #VPS systems into proxy highway

https://www.bleepingcomputer.com/news/security/systembc-malware-turns-infected-vps-systems-into-proxy-highway/

An die MACis da draußen:
Sie haben gerade z. B.

• 1Password, 
• Adobe After Effects, 
• Audacity, 
• Confluence, 
• Dropbox, 
• Fidelity, 
• Gemini, 
• LastPass,
• Notion, 
• Robinhood, 
• SentinelOne
• Thunderbird
• bummelig 100 Produkte ...installiert? Aus sicherer Quelle? Oder hat Ihnen das Böse da was untergeschoben?LastPass warnt gerade vor einer Kampagne, die MAC-Nutzende im Visier hat: Die gefälschten Apps liefern die Informations‑Stealer‑Malware Atomic (AMOS) in sogenannten ClickFix‑Angriffen. Diese werden durch Suchmaschinenoptimierung (SEO) auf Google und Bing beworben.AMOS ist ein Malware‑as‑a‑Service‑Angebot, das für 1 000 US‑Dollar pro Monat verfügbar ist und typischerweise Daten auf infizierten Rechnern anvisiert.Bonus: Jetzt auch mit Backdoor für dauerhaften Zugriff auf die Endsysteme.

Und nun? Prävention durch Wissen:
Führen Sie keine Befehle auf Ihren Systemen aus, die Sie nicht verstehen!
Nutzen Sie die offiziellen Seiten des Anbieters oder Projekts. Da gibt es keine MAC-Version? Dann gibt es auch keine.

https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages

Sneaking malicious code into a game is one thing.

It's another to steal from someone dying from cancer!

Steam Game Update Reportedly Distributed Malware And Stole Money From Cancer Victim

https://www.gamespot.com/articles/steam-game-update-reportedly-distributed-malware-and-stole-money-from-cancer-victim/1100-6534915/?ftag=CAD-01-10abi2f

"The game is no longer on Steam, but this isn't the first time malware has been distributed through a Steam game."

"The 2D side-scrolling game BlockBlasters had an update on August 30 that included malware that can steal personal information from any PC that the game is running on. More insidiously, this malware can empty crypto wallet data, and it reportedly did so to streamer rastalandTV, who is currently battling stage 4 cancer and was hosting a charity livestream."

Gamespot: Steam Game Update Reportedly Distributed Malware And Stole Money From Cancer Victim https://www.gamespot.com/articles/steam-game-update-reportedly-distributed-malware-and-stole-money-from-cancer-victim/1100-6534915/ @Gamespot #Steam #malware #cybersecurity #infosec

ESET: Watch out for SVG files booby-trapped with malware https://www.welivesecurity.com/en/malware/svg-files-spreading-malware/ @ESETresearch #cybersecurity #infosec #malware

"The threat actor uses tailored spear‑phishing from alleged HR recruters directing victims to fake career portals. Each target receives a unique URL and credentials, enabling tracking and controlled access of each victim."

Check Point: Nimbus Manticore Deploys New Malware Targeting Europe https://research.checkpoint.com/2025/nimbus-manticore-deploys-new-malware-targeting-europe/ #cybersecurity #infosec #malware

LastPass uncovers fake #GitHub repos spreading Atomic Stealer #malware to #Mac users https://nerds.xyz/2025/09/lastpass-uncovers-fake-github-repos-spreading-atomic-stealer-malware-to-mac-users/

Jogo verificado na Steam rouba 32.000€ a streamer em tratamento de cancro
 https://tugatech.com.pt/t71961-jogo-verificado-na-steam-rouba-32-000eur-a-streamer-em-tratamento-de-cancro

A video call from your CEO asks for a wire transfer. But it's not them.

It's an AI deepfake. This is the new reality of cyberattacks. See what's coming and how to prepare.

Read the full article: https://thetechbull.short.gy/inuURC

Researchers expose #MalTerminal, an #LLM-enabled #malware pioneer
https://securityaffairs.com/182433/malware/researchers-expose-malterminal-an-llm-enabled-malware-pioneer.html
#securityaffairs #hacking #malware #AI

Beware: #GitHub repos distributing #Atomic #Infostealer on #macOS
https://securityaffairs.com/182419/malware/beware-github-repos-distributing-atomic-infostealer-on-macos.html
#securityaffairs #hacking #malware

Sicurezza Matematica: Dalla teoria dei numeri all’hacking e al pentesting

Link all'articolo : https://www.redhotcyber.com/post/sicurezza-matematica-dalla-teoria-dei-numeri-allhacking-e-al-pentesting/

Quando parliamo di #cybersecurity, pensiamo subito a firewall, #malware, #exploit #zero-day. Ma c’è un livello più profondo, che non si vede e che nessuno può aggirare, le leggi della matematica.

Perché se i #software si possono #hackerare, i #protocolli si possono bypassare, le configurazioni si possono sbagliare ma la matematica non la si può corrompere. Ed è proprio su questo pilastro che si regge la #sicurezza #informatica moderna.

A cura di Diego Bentivoglio

not sure but i suspect "Block Blasters" might be the first #crypto stealing #malware video game to make its debut on #Steam?

SECURITY AFFAIRS #MALWARE NEWSLETTER ROUND 63
https://securityaffairs.com/182398/malware/security-affairs-malware-newsletter-round-63.html
#securityaffairs #hacking

Raffinierte #Malware tarnte sich im Google Play Store: Die Apps arbeiteten zunächst normal, aktivierten im Hintergrund jedoch heimlich ihre schädlichen Funktionen. https://winfuture.de/news,153750.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia

#CISA warns of #malware deployed through #Ivanti #EPMM flaws
https://securityaffairs.com/182350/malware/cisa-warns-of-malware-deployed-through-ivanti-epmm-flaws.html
#securityaffairs #hacking

You can watch my presentation from the yesterday's Not The Hidden Wiki "Hackuj Dobroczynnie" (Hack for good) event below.

In this presentation I'm talking about how to use LLMs equipped with MCP to power up your malware reverse engineering.

In the live demo, I'm showing how to use Google's Gemini-CLI to reverse engineer a sophisticated APT backdoor.

https://www.youtube.com/watch?v=NDA-bSo5wxc

#reverseengineering #malware #malwareanalysis #ai #llm #google hashtag#gemini #vibecoding #vibere #vibereversing