Emerging Threats

OpenAI API used for "highly personalized phishing content": Header image
OpenAI API used for “highly personalized phishing content”
Moonlock Lab threat researchers have come across a rather unique piece of macOS malware. The malware sample was found as a MachO file — the file format used by macOS systems to install...
Mar 14, 2025
6 min read
Hackers are distributing a new Golang backdoor via Telegram (Header image)
Hackers are distributing a new Golang backdoor via Telegram
A new threat is combining GitHub resources and Telegram bots to infect devices and install backdoor malware.  Researchers from Netskope recently found a new backdoor malware in the wild. While the malware is...
Feb 21, 2025
6 min read
XCSSET macOS stealer is back — with new tricks up its sleeve (Header image)
XCSSET macOS stealer is back — with new tricks up its sleeve
A 2022 piece of macOS malware is back. XCSSET is an advanced modular Mac environment-targeting malware. The new version has been updated to steal funds from digital wallets, collect data from the Notes...
Feb 20, 2025
5 min read
10K hijacked WordPress websites are spreading Mac and Windows malware: Header image
10K hijacked WordPress websites are spreading Mac and Windows malware
The takeover and use of WordPress sites to distribute malware or to phish for data are not unusual cybercriminal techniques. Most users trust WordPress sites to be safe, and a lot of sites...
Feb 10, 2025
6 min read
Hackers are using the DeepSeek craze to steal crypto and spread malware: Header image
Hackers are using the DeepSeek craze to steal crypto and spread malware
DeepSeek, a Chinese AI startup, is the latest big thing in the hype surrounding AI. Low prices on its paid models and open-source versions, in addition to the controversy of Chinese AI competing...
Feb 7, 2025
6 min read
Fake Reddit and WeTransfer pages are spreading stealer malware: Header image
Fake Reddit and WeTransfer pages are spreading stealer malware
A new large-scale cybercriminal operation has been identified operating in the wild.  This new threat campaign ran over 1,000 fake sites, impersonating WeTransfer and Reddit. The goal of the campaign is to trick...
Jan 31, 2025
4 min read
New phishing scam posing as USPS steals data via PDF files (Header image)
New phishing scam posing as USPS steals data via PDF files
United States Postal Service (USPS) scams, which have been around for decades, are experiencing a comeback. The classic “you’ve got a package to be delivered” scam is being updated with new techniques to...
Jan 30, 2025
6 min read
Dangerous macOS malware is spread via fake Homebrew ads: Header image
Dangerous macOS malware is spread via fake Homebrew ads
A new campaign exclusively targeting macOS developers was spotted in the wild. The threat leverages a popular attack chain that includes malvertising, abuse of the Google Ads platform, fake phishing sites, and download...
Jan 28, 2025
5 min read
New Banshee Stealer variant targets Mac users, evading XProtect: Header image
New Banshee Stealer variant targets Mac users, evading XProtect
Banshee, a stealer that emerged in mid-2024 to target macOS users, has received an alarming update. The developers behind Banshee have “stolen” Apple’s XProtect encryption, giving the malware increased stealth and attack rate...
Jan 16, 2025
6 min read
Wallet Drainer malware stole $500M worth of crypto in 2024: Header image
Wallet drainer malware stole $500M worth of crypto in 2024
A battle to dominate the world of crypto wallet drainers has been unfolding on the dark web. Throughout 2024, a handful of cyber criminal gangs that offer crypto drainers and phishing-as-a-service have proliferated....
Jan 10, 2025
6 min read