News

The Hacker News6d

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.
The Register on MSN6d

Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python

Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...
CoinDesk5h

This Invisible 'ModStealer' is Targeting Your Browser-Based Crypto Wallets

The code includes pre-loaded instructions to target 56 browser wallet extensions and is designed to extract private keys, credentials, and certificates.

Hackers hide behind Tor in exposed Docker API breaches

A threat actor targeting exposed Docker APIs has updated its malicious tooling with more dangerous functionality that could ...
CSO Online1d

Docker malware breaks in through exposed APIs, then changes the locks

The new variant of Docker-targeting malware skips cryptomining in favor of persistence, backdoors, and even blocking rivals ...
CSO Online1d

AI prompt injection gets real — with macros the latest hidden threat

Attackers are evolving their malware delivery tactics by weaponing malicious prompts embedded in document macros to hack AI ...
CyberGuy1d

Shamos malware tricks Mac users with fake fixes

New Shamos malware targets Mac users with fake fixes, stealing passwords, crypto, and personal data. Here’s how to stay safe.