Daily Cybersecurity Roundup, January 31, 2025

Think twice before trusting a WordPress site—over 10,000 have been hijacked to spread AMOS and SocGholish malware to macOS and Windows users. Meanwhile, Trend Micro uncovered a campaign abusing GitHub releases to distribute Lumma Stealer alongside other malware families like SectopRAT, Vidar, and Cobeacon. Adding to the chaos, Chinese-linked hackers (CL-STA-0048) are using rare techniques like Hex Staging and DNS exfiltration via ping commands to target high-value entities in South Asia. Read on for the latest insights.

01

Over 10,000 WordPress websites have been hijacked to spread the AMOS and SocGholish malware aimed at macOS and Windows users, respectively.

02

Trend Micro's investigations uncovered a campaign distributing Lumma Stealer by abusing GitHub release infrastructure as a delivery channel. The same campaign also delivered other malware families, including SectopRAT, Vidar, and Cobeacon.

03

North Korea's Lazarus Group conducted a massive supply chain attack called Phantom Circuit, compromising hundreds of victims globally by planting backdoors in cloned software packages.

04

A new variant of the Mirai-based botnet malware called Aquabotv3 has been found exploiting a command injection vulnerability, CVE-2024-41710, in Mitel SIP phones.

05

North Korea’s Contagious Interview deployed a malicious npm package, called postcss-optimizer, containing BeaverTail malware to steal credentials and cryptocurrency data.

06

A Chinese-linked threat actor dubbed CL-STA-0048 targeted high-value entities in South Asia using rare techniques like Hex Staging and DNS exfiltration via ping commands.

07

The FBI seized several cybercrime forums and marketplaces, including Nulled[.]to, Cracked[.]io, and StarkRDP[.]io, as part of Operation Talent.

08

Google Threat Intelligence Group (GTIG) reported that over 57 threat groups, linked to China, Iran, North Korea, and Russia, are using Google’s Gemini AI to advance their cyber and information attacks.

09

Application security startup Oligo Security secured $50 million in its Series B funding round. The investment was led by Greenfield Partners, with participation from Ballistic Ventures, Lightspeed Venture Partners, Red Dot Capital Partners, and others.

10

Israel-based non-human identity (NHI) protection startup Clutch Security raised $20 million in Series A funding led by SignalFire, with additional investment from Lightspeed Venture Partners and Merlin Ventures.