Microsoft has uncovered a malware campaign that uses fake cryptocurrency apps to spread malicious software. Since October 2024, attackers have been tricking users into downloading what looks like Binance or TradingView installers. These fake apps use Node.js and PowerShell to steal system data and send it to hackers.

The malware avoids detection by disabling Defender scans, stealing sensitive data like browser info, and staying active through scheduled tasks. Some versions use a...

Microsoft is warning about a series of phishing attacks using fake tax-related emails to spread malware and steal user credentials. These scams often include PDF attachments with shortened links or QR codes, which lead to fake websites that look like trusted services (e.g., DocuSign or Microsoft 365).

Some of these attacks use a platform called RaccoonO365, which helps cybercriminals create phishing websites. Once users click the links, they might be tricked into downloading malware...

Mozilla has released urgent updates for its Firefox browser to fix a security issue that could allow attackers to bypass protective measures. This comes shortly after Google patched a similar vulnerability in Chrome, which had been actively exploited.

The flaw, identified as CVE-2025-2857, could let a compromised part of Firefox’s system access more powerful functions, potentially leading to security risks. Mozilla has addressed the issue in Firefox versions 136.0.4 and 115.21.1, and...

The ClearFake cyberattack, first discovered in 2023, has grown into a more dangerous threat. Originally using fake browser update pop-ups, ClearFake now tricks people by pretending to be security checks, like fake reCAPTCHA or Cloudflare Turnstile verifications. These false alerts lead users to unknowingly download harmful software, such as Lumma Stealer and Vidar Stealer.

A new tactic called ClickFix has emerged, where attackers fool users into running harmful...

The FBI Denver Field Office has issued an urgent warning about a rise in cybercrimes involving free online file converters. Criminals are using these services to install malware on users' computers, risking data theft or ransomware attacks. A recent Colorado incident highlights the threat, with cybercriminals targeting individuals seeking free tools to convert or merge files, such as converting Word documents to PDFs. These tools appear legitimate but secretly deliver malicious...

Researchers found a new attack where a malicious web extension mimics any installed add-on, copying icons, popups, and workflows. This tricks users into entering credentials, which attackers can use to hijack accounts and steal sensitive data. The attack affects all Chromium-based browsers like Chrome, Edge, Brave, and Opera.

The malicious extension scans for target extensions, changes its icon to match, and disables the legitimate extension using the "chrome.management" API. Google...

The U.K.'s Information Commissioner's Office (ICO) has launched an investigation into TikTok, Reddit, and Imgur to examine how they protect children aged 13 to 17. The probe focuses on how these platforms use children’s personal data to recommend content, amid concerns that such practices may expose young users to inappropriate material.

The ICO is particularly scrutinizing TikTok’s recommendation algorithms and the methods Reddit and Imgur use to verify user age and tailor content....

OpenAI announced Friday that it banned several accounts using its ChatGPT tool to develop an AI-powered surveillance system, likely originating from China. The tool, leveraging Meta's Llama model, was used to monitor anti-China protests in the West, collect data from social media, and share insights with Chinese authorities. This operation, codenamed Peer Review, also helped analyze posts related to Uyghur rights protests, though the authenticity of some images remains unclear....

South Korea has suspended new downloads of the Chinese AI chatbot DeepSeek, effective February 15, 2025, due to concerns over its compliance with the country’s data protection laws. The Personal Information Protection Commission (PIPC) cited issues with the app's communication functions and its handling of personal data, particularly in relation to third-party services.

While the app remains accessible via the web, existing users have been warned not to input personal information...

North Korean hackers are behind the Contagious Interview campaign, which targets victims with fake job interviews. The hackers send a link that causes an error, prompting users to install fake software (like VCam or CameraAccess) for the interview. This leads to the installation of malware called BeaverTail, which steals sensitive data and can install a backdoor named InvisibleFerret.

Discovered in late 2023, the campaign uses fake video-conferencing apps and npm packages to...