Daily Cybersecurity Roundup, July 29, 2025

Cybercriminals are stepping up their game with stealthier tactics and platform-specific malware innovations. A newly uncovered Android banking trojan named RedHook is targeting Vietnamese users via phishing websites that mimic trusted entities, delivering the malware through a trojanized APK hosted on an exposed AWS S3 bucket. Meanwhile, a separate campaign is spreading Electron-based infostealers masquerading as indie games. Adding to the threat landscape, Gunra ransomware has introduced a powerful Linux variant capable of running up to 100 encryption threads in parallel. Continue reading for more news from the last 24 hours.

01

RedHook, a new Android banking trojan, has been targeting Vietnamese users via phishing sites, delivered through a trojanized APK on an exposed AWS S3 bucket.

02

A new malware campaign is distributing Electron-based infostealers, like Leet Stealer, RMC Stealer, and Sniffer Stealer, disguised as indie games through social engineering, fake websites, and Discord.

03

Hackers are targeting IIS servers with a sophisticated web shell script, UpdateChecker.aspx, which enables them to gain full remote access and control over the compromised systems.

04

Gunra ransomware has launched a Linux variant with advanced encryption, supporting up to 100 parallel threads and partial file encryption for faster attacks.

05

PyPI issued a security warning about a phishing campaign targeting Python developers, where project maintainers are tricked into revealing their credentials via a spoofed domain.

06

A critical vulnerability has been discovered in Google’s Gemini CLI, which allows silent execution of malicious commands through a combination of prompt injection, inadequate validation, and misleading user experience.

07

Five critical vulnerabilities have been identified in Bloomberg’s Comdb2 database, including three null pointer dereference flaws and two distributed transaction DoS exploits, that could enable DoS attacks via malicious packets.

08

A high-severity CSRF flaw (CVE-2023-2533) affecting PaperCut NG/MF software has been added to CISA’s KEV catalog following active exploitation.

09

Cybersecurity startup Dropzone AI raised $37 million in Series B funding, led by Theory Ventures, with backing from Madrona, Decibel Ventures, Pioneer Square Labs, and IQT.

10

Tel Aviv–based cybersecurity startup Tonic Security has secured $7 million in seed funding, led by Hetz Ventures with support from Vesey Ventures and experienced angel investors from the security industry.
