🚀 Malware Targets MacOS Users Through Fake Video Conferencing Apps
#windows #macos #malware #videoconferencing #cybersecurity #AI #cryptocurrency #dataprotection #passwordsecurity #Keychain #browsersecurity
According to PANews, researchers have identified a malware attack targeting macOS users that has been active for four months. The attack involves malware disguised as a video conferencing application, which steals passwords from the Keychain, session cookies from browsers like Google Chrome, Brave, and Opera, as well as cryptocurrency wallet information.
Tara Gould from Cado Security Labs revealed that attackers are using AI-generated content to create fake websites and social media accounts, posing as reputable companies. Victims are often approached through platforms like Telegram, discussing blockchain or cryptocurrency business opportunities. Once the file is installed, users are prompted to enter their macOS password, allowing further data theft.
Security experts advise users to remain vigilant, especially regarding unfamiliar links related to business opportunities. Utilizing protective tools such as Intego VirusBarrier can effectively defend against such threats.#windows #macos #malware #videoconferencing #cybersecurity #AI #cryptocurrency #dataprotection #passwordsecurity #Keychain #browsersecurity
🚀 Cyberhaven Chrome Extension Compromised in Phishing Attack
#windows #cybersecurity #phishing #ChromeExtension #Cyberhaven #malware #data breach
According to Odaily, a phishing attack on December 24 led to the theft of Google Chrome Web Store credentials belonging to a Cyberhaven employee. The attackers used these credentials to release a malicious version of the company's Chrome extension, identified as version 24.10.4.#windows #cybersecurity #phishing #ChromeExtension #Cyberhaven #malware #data breach
🚀 OpenAI Expands Deep Research Feature To All ChatGPT Pro Users
#OpenAI #ChatGPT #DeepResearch #ProUsers #MobileApp #DesktopApp #iOS #Android #macOS #Windows #UserExperience #ResearchCapabilities
According to PANews, OpenAI has announced that the Deep Research feature is now available to all ChatGPT Pro users. This feature can be accessed on mobile and desktop applications across iOS, Android, macOS, and Windows platforms. The expansion aims to enhance user experience by providing advanced research capabilities.#OpenAI #ChatGPT #DeepResearch #ProUsers #MobileApp #DesktopApp #iOS #Android #macOS #Windows #UserExperience #ResearchCapabilities
🚀 Hackers Exploit YouTube Creators With Malware Threats
#Hackers #YouTube #Malware #Cybersecurity #Kaspersky #SilentCryptoMiner #Cryptocurrency #XMRig #Windows #Botnet #Monero #Ravencoin #Ethereum #Tutorials #Antivirus #Infection #ETH #ETC
According to PANews, cybersecurity firm Kaspersky has identified a scheme where hackers are targeting YouTube content creators with copyright complaint threats to insert the SilentCryptoMiner malware into video descriptions. This malicious software, based on XMRig, is used for mining cryptocurrencies such as Ethereum, Ethereum Classic, Monero, and Ravencoin, and it controls a botnet via the Bitcoin blockchain.
The hackers primarily target YouTubers who provide tutorials on installing the Windows Packet Divert driver. They initiate false copyright claims against videos and then contact the creators, posing as the driver developers, to demand the addition of malicious links. One known victim, a YouTuber with 60,000 subscribers, has resulted in over 40,000 downloads of the infected file, with Kaspersky estimating that at least 2,000 devices have been compromised.
Kaspersky security researcher Leonid Bezvershenko warns that hackers are exploiting the trust between YouTubers and their audiences, and this threat could potentially spread to platforms like Telegram. He advises users to be cautious of tutorials that suggest disabling antivirus software and to verify the source before downloading any files to avoid infection by crypto-mining malware.#Hackers #YouTube #Malware #Cybersecurity #Kaspersky #SilentCryptoMiner #Cryptocurrency #XMRig #Windows #Botnet #Monero #Ravencoin #Ethereum #Tutorials #Antivirus #Infection #ETH #ETC
🚀 Cryptocurrency Users Warned of Malware Disguised as TradingView
#cryptocurrency #malware #TradingView #cybersecurity #informationstealer #SlowMist #Reddit #Mac #Windows #datasteal
According to PANews, cybersecurity expert 23pds from SlowMist Technology has issued a warning on the X platform about malware posing as a cracked version of TradingView. The malicious software, identified as AMOS and Lumma information stealers, is being disseminated through Reddit posts. These programs specifically target cryptocurrency users, aiming to steal wallet and personal data. Both Mac and Windows users have been affected by this threat.#cryptocurrency #malware #TradingView #cybersecurity #informationstealer #SlowMist #Reddit #Mac #Windows #datasteal
🚀 ModStealer Malware Poses Threat to Crypto Wallets Across Platforms
#ModStealer #Malware #CryptoWallets #CrossPlatform #Windows #Linux #macOS #WalletExtensions #WalletData #Credentials #DigitalCertificates #C2Server #PrivateKeys #MnemonicPhrases #APIKeys #OnChainAttacks #JobAdvertisements #Developers #NodeJS #SecurityThreat
According to PANews, security firm Mosyle has identified a cross-platform malware named ModStealer, which can bypass mainstream antivirus software by disguising itself as a background assistant program. This malware specifically targets browser-based crypto wallet data on Windows, Linux, and macOS systems. It spreads through fake job advertisements and primarily targets developers with Node.js environments installed.
ModStealer is capable of automatically executing and collecting wallet extensions, system credentials, and digital certificates, subsequently uploading the data to a remote command and control (C2) server. Security experts warn that this malware poses a direct threat to cryptocurrency users and platforms, potentially leading to the exposure of private keys, mnemonic phrases, and API keys, which could result in large-scale on-chain attacks.#ModStealer #Malware #CryptoWallets #CrossPlatform #Windows #Linux #macOS #WalletExtensions #WalletData #Credentials #DigitalCertificates #C2Server #PrivateKeys #MnemonicPhrases #APIKeys #OnChainAttacks #JobAdvertisements #Developers #NodeJS #SecurityThreat
🚀 Tether Data Launches AI Research Tools for STEM Model Training
#TetherData #AIresearch #QVAC #syntheticdataset #AImodels #STEM #QVACGenesisI #QVACWorkbench #AIenthusiasts #researchers #LLMs #Llama #Medgemma #Qwen #SmolVLM #Whisper #Android #iOS #Windows #macOS #Linux
According to Foresight News, Tether Data's AI research division, QVAC, has unveiled a synthetic dataset named QVAC Genesis I, designed for training AI models with a focus on STEM fields. Additionally, Tether Data introduced its first consumer application, QVAC Workbench, which serves as a comprehensive workspace showcasing the potential of AI on local devices. The target audience for QVAC Workbench includes AI enthusiasts, advanced users, and researchers. The application supports various large language models (LLMs) and other AI models, such as Llama, Medgemma, Qwen, SmolVLM, and Whisper. It is compatible with smartphones (currently available on Android, with iOS support expected in a few days) and desktop platforms (Windows, macOS, and Linux), offering the most extensive device support compared to existing products.#TetherData #AIresearch #QVAC #syntheticdataset #AImodels #STEM #QVACGenesisI #QVACWorkbench #AIenthusiasts #researchers #LLMs #Llama #Medgemma #Qwen #SmolVLM #Whisper #Android #iOS #Windows #macOS #Linux
🚀 Microsoft Executive Announces Retirement After Long Tenure
#Microsoft #ExecutiveRetirement #TechIndustry #Windows #WorkplaceApplications #Innovation #SoftwareDevelopment
A senior Microsoft executive, who played a significant role in managing workplace applications and the Windows operating system, has announced retirement. Bloomberg posted on X, highlighting the executive's extensive career at the tech giant. The departure marks the end of an era for Microsoft, as the executive was instrumental in shaping the company's software offerings over the years. The company is expected to continue its focus on innovation and development in the tech industry.#Microsoft #ExecutiveRetirement #TechIndustry #Windows #WorkplaceApplications #Innovation #SoftwareDevelopment
🚀 Axios Library Compromised by Malicious Attack
#Axios #JavaScript #npm #CyberSecurity #Malware #RAT #SupplyChainAttack #macOS #Windows #Linux #SoftwareSecurity #OIDC #SLSA #Huntress #ChainCatcher #npmToken
An attacker has compromised the npm access token of the lead maintainer of Axios, a popular JavaScript HTTP client library, and used it to release two malicious versions containing cross-platform remote access trojans (RATs). According to ChainCatcher, these versions, axios@1.14.1 and axios@0.3.4, targeted macOS, Windows, and Linux systems. The malicious packages were removed from the npm registry approximately three hours after their release.
Data from security company Wiz indicates that Axios is downloaded over 100 million times weekly and is present in about 80% of cloud and code environments. Security firm Huntress detected the first infections just 89 seconds after the malicious packages went live and confirmed that at least 135 systems were compromised during the exposure period. Notably, the Axios project had implemented modern security measures such as the OIDC trusted publishing mechanism and SLSA provenance proofs. However, the attacker bypassed these defenses entirely.
The investigation revealed that while configuring OIDC, the project retained the traditional long-lived NPM_TOKEN. When both tokens coexist, npm defaults to using the traditional token, allowing the attacker to publish without breaching OIDC.#Axios #JavaScript #npm #CyberSecurity #Malware #RAT #SupplyChainAttack #macOS #Windows #Linux #SoftwareSecurity #OIDC #SLSA #Huntress #ChainCatcher #npmToken