
Daily Cybersecurity Roundup, March 25, 2025

A fake coding challenge on GitHub is serving as the front for a targeted malware campaign. A malicious repository is luring targets with what looks like a harmless JavaScript exercise, silently dropping a backdoor called FogDoor. In the browser space, Rilide continues to evolve as a stealthy threat to users of Chromium-based browsers. Masquerading as a utility extension, Rilide quietly exfiltrates passwords, cookies, and crypto wallet credentials. Meanwhile, attackers are embracing cross-platform development tools for their next wave of evasion. Malware built using .NET MAUI is now being weaponized to bypass traditional security checks. Here are the top 10 highlights from the past 24 hours.

01

A malicious GitHub repository, FizzBuzz, disguised as a coding challenge, targets Polish-speaking developers and installs a backdoor named FogDoor upon execution of a PowerShell script.

02

A new malicious browser extension called Rilide targets Chromium-based browsers like Google Chrome and Microsoft Edge, and is designed to steal sensitive information, including credentials for cryptocurrency wallets.

03

The China-linked threat group, Weaver Ant, infiltrated a major Asian telecommunications provider's network for over four years, using compromised Zyxel CPE routers to hide traffic and infrastructure.

04

A set of five critical security vulnerabilities, collectively named IngressNightmare, has been discovered in the Ingress NGINX Controller for Kubernetes.

05

The GuLoader malware is being distributed via a phishing email that impersonates a well-known international shipping company, instructing users to open an attachment that contains an obfuscated VBScript.

06

Law enforcement authorities in seven African countries arrested 306 suspects and confiscated 1,842 devices as part of Operation Red Card, which focused on disrupting mobile banking, investment, and messaging app scams affecting over 5,000 victims.

07

Cybercriminals are increasingly using .NET MAUI to create malware that evades detection by disguising itself as legitimate apps, targeting users to steal sensitive information.

08

A significant vulnerability, CVE-2025-0927, has been discovered in the Linux kernel, primarily affecting Ubuntu 22.04 users. This heap overflow vulnerability has been present in the Linux kernel since 2005.

09

In 2024, there was a 146% increase in sites suffering physical consequences due to cyberattacks, with the U.S. and Germany experiencing the highest number of attacks.

10

In 2024, discussions about jailbreaking on cybercrime forums increased by 52%, while mentions of malicious AI tools and tactics increased by 219%.
