Hackread

Hackers Exploiting Linux eBPF to Spread Malware in Ongoing Campaign

Cybercriminals use eBPF rootkits to conceal their presence and drop remote access trojans capable of tunnelling traffic and maintaining communication within private networks.

Dell Urges Immediate Update to Fix Critical Power Manager Vulnerability

A high-severity access control flaw in Dell Power Manager allows privilege escalation. Attackers with local access can execute arbitrary code, bypass security measures, and compromise system confidentiality, integrity, and availability.

New DCOM Attack Exploits Windows Installer for Backdoor Access

Cybersecurity researchers at Deep Instinct have uncovered a novel and powerful Distributed Component Object Model (DCOM) based lateral movement attack method that enables attackers to stealthily deploy backdoors on target Windows systems.

Fake Betting Apps Using AI-Generated Voices to Steal Data

Cybercriminals are creating fake betting app ads to lure users and steal money and personal information. Over 500 fake ads and 1,377 malicious sites have been identified, targeting users in regions like Egypt, the Middle East, Europe, and Asia.

Malware Bypasses Microsoft Defender and 2FA to Steal $24K in Crypto

Cybersecurity researchers at SafetyDetectives revealed that Microsoft Defender, the default Windows antivirus, was deceived by malware, enabling the theft of cryptocurrency from an unsuspecting user.

Zero-day Flaws Exposed EV Chargers to Shutdowns and Data Theft

The vulnerabilities, rated as high and medium severity, could allow unauthorized access, disruption of charger operations, and privilege escalation for limited users. Exploiting these vulnerabilities could lead to remote code execution.

Trojan.AutoIt.1443 Hits 28,000 Users via Game Cheats, Office Tool

The malware executes tasks to establish network access with Ncat, manipulates the system registry using IFEO, and controls system functions. It conducts cryptomining using SilentCryptoMiner and steals funds by swapping crypto wallet addresses.

Scammers Hit Florida Hurricane Victims with Fake FEMA Claims, Malware Files

Phishing campaigns are using newly registered domains related to hurricane relief efforts to trick victims into revealing sensitive information. Some are posing as FEMA assistance providers on forums like BlackBones to steal personal data and funds.

Lua Malware Targeting Student Gamers via Fake Game Cheats

Morphisec Threat Labs has found advanced Lua malware targeting student gamers and educational institutions, taking advantage of Lua-based gaming engine supplements popular among students.

New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys

Checkmarx researchers discovered PyPI malware posing as crypto wallet tools. These malicious packages stole private keys and recovery phrases, targeting wallets like MetaMask, Trust Wallet, and Exodus.
