Search results for malicious | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection. "The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of the file," ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News. "In both cases, the malicious payload was a typical platform-aware reverse shell that connects to a hard-coded IP address." The approach has been dubbed nullifAI, as it involves clearcut attempts to sidestep existing safeguards put in place to identify malicious models. The Hugging Face repositories have been listed below - glockr1/ballr7 who-r-u0000/0000000000000000000000000000000000000 It's believed that the models are more of a proof-of-concept (PoC) than an active supply chain attack scenario. The pickle serialization format, used commonly for dis...

Next time when someone sends you a photo of a cute cat or a hot chick than be careful before you click on the image to view — it might hack your machine. Yes, the normal looking images could hack your computers — thanks to a technique discovered by security researcher Saumil Shah from India. Dubbed " Stegosploit ," the technique lets hackers hide malicious code inside the pixels of an image, hiding a malware exploit in plain sight to infect target victims. Just look at the image and you are HACKED! Shah demonstrated the technique during a talk titled , " Stegosploit: Hacking With Pictures, " he gave on Thursday at the Amsterdam hacking conference Hack In The Box. According to Shah, "a good exploit is one that is delivered in style." Keeping this in mind, Shah discovered a way to hide malicious code directly into an image, rather than hiding it in email attachments, PDFs or other types of files that are typically used to deliver...

A security weakness has been disclosed in the artificial intelligence (AI)-powered code editor Cursor that could trigger code execution when a maliciously crafted repository is opened using the program. The issue stems from the fact that an out-of-the-box security setting is disabled by default, opening the door for attackers to run arbitrary code on users' computers with their privileges. "Cursor ships with Workspace Trust disabled by default, so VS Code-style tasks configured with runOptions.runOn: 'folderOpen' auto-execute the moment a developer browses a project," Oasis Security said in an analysis. "A malicious .vscode/tasks.json turns a casual 'open folder' into silent code execution in the user's context." Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to safely browse and edit code regardless of where it came from or who wrote it. With this option disab...

Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group. The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It's assessed to be active since May 2025. "Developers are approached via social platforms like LinkedIn and Facebook, or through job offerings on forums like Reddit," ReversingLabs researcher Karlo Zanki said in a report. "The campaign includes a well-orchestrated story around a company involved in blockchain and cryptocurrency exchanges." Notably, one of the identified npm packages, bigmathutils, attracted more than 10,000 downloads after the first, non-malicious version was published, and before the second version containing a malicious payload was released. The names of the packages are listed below - npm...

Disclaimer : This report has been prepared by the Threat Research Center to enhance cybersecurity awareness and support the strengthening of defense capabilities. It is based on independent research and observations of the current threat landscape available at the time of publication. The content is intended for informational and preparedness purposes only. Read more blogs around threat intelligence and adversary research: https://atos.net/en/lp/cybershield  Summary Atos Researchers identified a new variant of the popular ClickFix technique, where attackers convince the user to execute a malicious command on their own device through the Win + R shortcut. In this variation, a “net use” command is used to map a network drive from an external server, after which a “.cmd” batch file hosted on that drive is executed. Script downloads a ZIP archive, unpacks it, and executes the legitimate WorkFlowy application with modified, malicious logic hidden inside “.asar” archive. This acts as...

Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats.  Here's a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you. Zero-day Attack: Corrupted Malicious Files Evade Detection by Most Security Systems  The analyst team at ANY.RUN recently shared their analysis of an ongoing zero-day attack . It has been active since at least August and still remains unaddressed by most detection software to this day. The attack involves the use of intentionally corrupted Word documents and ZIP archives with malicious files inside. VirusTotal shows 0 detections for one of the corrupted files Due to corruption, security systems cannot properly identify the type of these files and run analysis on them, which results in zero threat detections. Word will ask the user if they want to restore a corrupted file Once these fi...

Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync . "Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of copying and executing commands – making it particularly effective against users who may not appreciate the implications of running unknown and obfuscated terminal commands," Sophos researchers Jagadeesh Chandraiah, Tonmoy Jitu, Dmitry Samosseiko, and Matt Wixey said . It's currently not known if the campaigns are the work of the same threat actor. The use of ClickFix lures to distribute the malware was also flagged by Jamf Threat Labs in December 2025. The details of the three campaigns are as follows - November 2025: A campaign that used OpenAI's ChatGPT Atlas web browser as bait, delivered via sponsored search results on Google, to direct users to a fake Google Sites URL with a download button that, whe...

Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. "The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote Administration Trojan (RATs) instead," Malwarebytes' Jérôme Segura  said  in a Thursday report. "Such programs give an attacker full control of a victim's machine and the ability to drop additional malware." It's worth noting that the activity, codenamed  FakeAPP , is a continuation of a  prior attack wave  that targeted Hong Kong users searching for messaging apps like WhatsApp and Telegram on search engines in late October 2023. The latest iteration of the campaign also adds messaging app LINE to the list of messaging apps, redirecting users to bogus websites hosted on Google Docs or Google Sites. The Google infrastructure is used to embed link...

Late last week an unknown hacker or a group of hackers successfully targeted a cryptocurrency exchange with an aim to steal Bitcoins by compromising the web analytics service it was using. ESET malware researcher Matthieu Faou this weekend spotted malicious JavaScript code on up to 700,000 websites that were bundled with the traffic tracking code from the leading web analytics platform StatCounter . However, after analyzing the code, the researchers found that hackers managed to compromise StatCounter and successfully replaced its tracking script with malicious JavaScript code primarily designed to target customers of the Gate.io cryptocurrency exchange. Like Google Analytics, StatCounter is also an old, but popular real-time web analytics platform reportedly being used by more than two million websites and generates stats on over 10 billion page views per month. Here's How Hackers Tried to Steal Bitcoins from Crypto Exchange Though the malicious code was also inject...

Cybercriminals have rolled out a new malicious Android application that wraps different varieties of banking fraud trick into a single piece of advanced mobile malware . GOOGLE SERVICE FRAMEWORK - APPLICATION OR MALWARE? Security researchers at the security firm FireEye have came across a malicious Android application that binds together the latest and older hijacking techniques. The malicious Android app combines private data theft, banking credential theft and spoofing, and remote access into a single unit, where traditional malware has had only one such capability included in it. Researchers dubbed the malware as HijackRAT , a banking trojan that comes loaded with a malicious Android application which disguises itself as “Google Service Framework,” first and the most advanced Android malware sample of its kind ever discovered, combining all the three malicious activities together. MALWARE FEATURES By giving the remote control of the infected device to hackers,...

The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign. PyPI said "new project creation and new user registration" was temporarily halted to mitigate what it said was a "malware upload campaign." The incident was resolved 10 hours later, on March 28, 2024, at 12:56 p.m. UTC. Software supply chain security firm Checkmarx said the unidentified threat actors behind flooding the repository targeted developers with typosquatted versions of popular packages. "This is a multi-stage attack and the malicious payload aimed to steal crypto wallets, sensitive data from browsers (cookies, extensions data, etc.), and various credentials," researchers Yehuda Gelb, Jossef Harush Kadouri, and Tzachi Zornstain  said . "In addition, the malicious payload employed a persistence mechanism to survive reboots." The findings were also c...

Apple Mac Computers are considered to be invulnerable to malware, but the new Exploit discovered by security researchers proves it indeed quite false. Patrick Wardle , director of research at security firm Synack , has found a deadly simple way that completely bypass one of the core security features in Mac OS X i.e.  Gatekeeper . Introduced in July of 2012, Gatekeeper is Apple's anti-malware feature designed to keep untrusted and malicious applications from wreaking havoc on Macs. However, Wardle has found a quick and simple way to trick Gatekeeper into letting malicious apps through on Mac OS X machines, even if the protection is set to open apps downloaded only from the Mac App Store. According to the researcher, before allowing any apps to execute on an OS X machine, Gatekeeper performs a number of checks, such as: Checking the initial digital certificate of a downloaded app Ensuring the app has been signed with an Apple-recognized developer certificat...

More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023 with capabilities to deploy an open-source information stealer called  Luna Token Grabber  on systems belonging to Roblox developers. The ongoing campaign, first detected on August 1 by ReversingLabs, employs modules that masquerade as the legitimate package  noblox.js , an API wrapper that's used to create scripts that interact with the Roblox gaming platform. The software supply chain security company described the activity as a "replay of an attack  uncovered  two years ago" in October 2021. "The malicious packages [...] reproduce code from the legitimate noblox.js package but add malicious, information-stealing functions," software threat researcher Lucija Valentić  said  in a Tuesday analysis. The packages were cumulatively downloaded 963 times before they were taken down. The names of the rogue packages are as follows - n...

Microsoft Windows Malicious Software Removal Tool - Download ! The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder. To download the x64 version of Malicious Software Removal Tool, click here . This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on...

Three critical security flaws have been disclosed in an open-source utility called Picklescan that could allow malicious actors to execute arbitrary code by loading untrusted PyTorch models, effectively bypassing the tool's protections. Picklescan , developed and maintained by Matthieu Maitre (@mmaitre314), is a security scanner that's designed to parse Python pickle files and detect suspicious imports or function calls, before they are executed. Pickle is a widely used serialization format in machine learning, including PyTorch , which uses the format to save and load models. But pickle files can also be a huge security risk , as they can be used to automatically trigger the execution of arbitrary Python code when they are loaded. This necessitates that users and organizations load trusted models, or load model weights from TensorFlow and Flax. The issues discovered by JFrog essentially make it possible to bypass the scanner, present the scanned model files as safe, and e...