Grandoreiro and BTMOB Malware Campaigns Target Financial Users

Recent findings reveal two distinct malware campaigns, Grandoreiro and BTMOB, targeting Windows and Android users in various regions, including Latin America and Europe.

Recent findings reveal two distinct malware campaigns, Grandoreiro and BTMOB, targeting Windows and Android users in various regions, including Latin America and Europe.

A coordinated supply chain attack named TrapDoor has been identified, targeting npm, PyPI, and Crates.io to spread credential-stealing malware through numerous malicious packages.

A new automated malware campaign named Megalodon has compromised more than 5,500 GitHub repositories, raising concerns over supply chain security.

A Russian-speaking hacker utilized a jailbroken Google Gemini to execute a fraudulent campaign, specifically targeting MAGA supporters and QAnon followers, resulting in significant cryptocurrency theft.

Microsoft has dismantled a cybercrime service that provided code-signing certificates to ransomware groups, impacting thousands of machines, including its own.

A coordinated effort by INTERPOL has led to significant disruptions in cybercrime networks across the Middle East and North Africa, resulting in 201 arrests and the identification of hundreds of suspects.

The Russian hacking group Turla has upgraded its Kazuar backdoor into a modular peer-to-peer botnet, enhancing its stealth and persistence capabilities.

A recent malware campaign has been identified, targeting developers through deceptive Claude Code installers. This campaign exploits vulnerabilities in Chromium-based browsers to exfiltrate sensitive data.

A new Brazilian banking trojan, TCLBANKER, has been identified, capable of targeting numerous financial platforms through sophisticated propagation methods.

A phishing campaign leveraging legitimate Remote Monitoring and Management software has impacted more than 80 organizations, primarily in the U.S.