
Daily Cybersecurity Roundup, November 08, 2024

Malware threats are evolving faster than ever, according to recent discoveries. A new GodFather variant is targeting 500 banking and crypto apps globally, using Android Accessibility Services to steal credentials. Meanwhile, researchers found a malware campaign infecting Roblox developers with Skuld and Blank-Grabber through typosquatting NPM packages. A GootLoader campaign leveraged SEO poisoning to lure Bengal cat enthusiasts in Australia, distributing malware disguised as legal information. Read on for more highlights from the cybersecurity world.

01

Cyble uncovered a new GodFather malware variant targeting 500 banking and crypto apps across expanded regions, including Japan and Singapore. It exploits Accessibility Services, mimics user actions, and steals credentials.

02

A malware campaign targeted Roblox developers, spreading Skuld and Blank-Grabber via typosquatting NPM packages like node-dlls and rolimons-api. The attackers steal sensitive data through Discord and Telegram.

03

The Androxgh0st botnet, active since January, now integrates Mozi IoT payloads, targeting web servers and exploiting vulnerabilities in technologies like Cisco ASA and Laravel.

04

CISA warned of active exploitation of a critical authentication bypass vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition. Attackers can reset admin credentials and chain it with other flaws for command execution.

05

Sophos X-Ops spotted a GootLoader campaign targeting Bengal cat enthusiasts in Australia. Attackers used SEO poisoning to distribute the malware disguised as legal information.

06

HPE issued updates for Aruba Networking Access Points to fix six vulnerabilities, including two critical command injection flaws (CVE-2024-42509, CVE-2024-47460) with severity scores of 9.8 and 9.0.

07

The U.K. NCSC issued a new advisory urging brands to demand cybersecurity compliance from ad partners, including robust KYC checks, industry certifications, and secure ad practices, to combat malvertising and secure the advertising ecosystem.

08

D-Link released patches to address a critical command injection vulnerability (CVE-2024-10914) in its NAS devices, including models like DNS-320 and DNS-340L. The flaw allows remote attackers to execute arbitrary commands via HTTP GET requests.

09

MDR service provider Lumifi announced the acquisition of Critical Insight, marking its third deal in 13 months, to enhance its healthcare and critical infrastructure cybersecurity services.

10

The U.K.-based cybersecurity startup CloudGuard received an undisclosed amount of funding from Praetura Ventures to expand operations, boost workforce, enhance AI research, and grow its cyber training academy.
