Infosecurity Magazine

Hospitality Sector Hit By PHALT#BLYX ClickFix Malware Campaign

Multi-stage malware campaign targets hospitality organizations using social engineering and abuse of MSBuild.exe ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
Cybernews

Python-based VVS Stealer sneaks off with your Discord data

According to a report from Palo Alto Networks Unit 42, the malware is advertised on Telegram as the “ultimate stealer” and ...
The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of ...
Infosecurity Magazine

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal ...
The Hacker News

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

VVS Stealer is a Python-based malware sold on Telegram that steals Discord tokens, browser data, and credentials using heavy ...
GitHub

ties2/malware-ai-agent

The Malware AI Agent is an advanced, AI-powered tool designed for malware analysis and threat intelligence generation. It collects malware metadata from multiple sources (MalwareBazaar, VirusTotal, ...

New GlassWorm malware wave targets Macs with trojanized crypto wallets

A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver ...