Malware
X @Wu Blockchain
Wu Blockchain· 2025-12-22 15:32
Threat Landscape:
- Kaspersky detected a new infostealer malware named Stealka, active since November 2025 [1]
- Stealka spreads through fake game mods and pirated software on platforms like GitHub and Google Sites [1]
Target Scope:
- The malware targets over 100 browsers [1]
- The malware targets more than 80 crypto wallets, including MetaMask, Binance, Coinbase, Phantom, and Trust Wallet [1]
Data Theft:
- Stealka steals credentials, private keys, and seed phrases from targeted systems [1]
X @Cointelegraph
Cointelegraph· 2025-12-15 07:00
🚨 ALERT: North Korean hackers are targeting crypto users through fake Zoom meetings that deploy malware to steal passwords and private keys, warns Security Alliance. If you’ve clicked these links, immediately disconnect device, transfer crypto to new wallets, change all passwords, enable 2FA, and perform full memory wipe before reuse. ...
X @Wu Blockchain
Wu Blockchain· 2025-12-15 05:40
The cybersecurity nonprofit Security Alliance (SEAL) warned that North Korean hackers are using fake Zoom meetings to carry out cryptocurrency scams, with attacks now occurring daily. Researcher Taylor Monahan said the method has caused losses of over $300 million, typically starting from compromised Telegram accounts and leading victims to download malware that steals passwords, private keys, and crypto assets. https://t.co/IA4qgghFZ9 ...
Cybersecurity. How to Survive the Storms | Nicolas Fasolo | TEDxLakeComo
TEDx Talks· 2025-12-10 16:02
Cyber Security Threats & Trends:
- Cyber attacks are evolving from individual hackers to organized criminal groups with economic, political, or ideological motivations [4][5]
- Artificial intelligence (AI) is being used by attackers to automate attacks, reduce the time to compromise a system (potentially from 10 days to a few hours), and lower the cost of entry by providing access to expertise and malware creation capabilities [19][20][21]
- Attackers are shifting from technical exploits to social engineering, including voice clone attacks that can replicate the voice of a CEO or IT leader to gain unauthorized access or credentials [21][22]
- Disinformation campaigns using AI-generated video, audio, and images are expected to increase, requiring users to verify information from trusted sources [26]
Incident Response & Recovery:
- Incident response teams focus on transforming catastrophic events into learning opportunities to improve skills, collaboration, and knowledge within an organization [9]
- A real-world example highlights a company with billion-dollar revenue that was completely encrypted, with all backups lost, leaving them at the mercy of the attacker [10][11][12]
- In the aforementioned case, a partially compromised production file allowed the incident response team to develop code to reconstruct the file and restore production, preventing further losses [13][14][15]
- Even with production restored, the company was still severely impacted, with technical departments lacking files, payroll unable to function, and customer/supplier trust damaged [17][18]
Mitigation & Future Strategies:
- Companies should invest in training and education to promote the correct use of digital tools and data management [27]
- Developing critical thinking skills is essential to avoid over-reliance on technology and pre-packaged responses [23][24]
- Organizations need to evolve, develop critical thinking, and preserve human skills to navigate the digital landscape effectively [29]
Cybersecurity. How to Survive the Storms. | Nicolas Fasolo | TEDxLakeComo
TEDx Talks· 2025-12-09 17:28
Cyber Security Threats & Trends:
- The digital world faces "storms" of dormant malware, hidden backdoors, and evolving phishing campaigns [2]
- Cyber attackers operate silently, gathering credentials and exfiltrating information, waiting for the opportune moment to strike [4]
- Cyber attacks have evolved from individual hobbyists to organized criminal groups with economic, political, or ideological motives [5]
- Artificial intelligence (AI) is being used by attackers to automate attacks more efficiently, reducing compromise time by a factor of ten [19][20]
- AI also lowers the barrier to entry for attackers by providing access to expertise and malware creation capabilities, reducing the need for external purchases [20][21]
- Attackers are shifting focus to social engineering, using voice cloning technology to impersonate authority figures and trick users into divulging sensitive information [21][22]
Incident Response & Recovery:
- Incident response involves transforming catastrophic events into learning opportunities to foster competence, synergy, and knowledge within an organization [9]
- In a real-world case, a company with multi-billion dollar revenue experienced a complete infrastructure shutdown due to encryption [10]
- The company had approximately 30 locations worldwide, half of which were production sites, leading to widespread disruption [11]
- A compromised production file was partially recovered, allowing for the creation of code to restore production across the company's infrastructure [13][14][15]
- Even with production restored, the company was still considered a "survivor" due to the extensive damage to other departments and compromised trust with clients and suppliers [16][17][18]
Recommendations & Future Considerations:
- Individuals should be wary of unverified information sources online due to the potential for disinformation campaigns using manipulated video, audio, and images [26]
- It is crucial to educate oneself on the proper use of digital tools and to manage personal and others' data carefully [27]
- Individuals should develop critical thinking skills and avoid relying solely on AI-generated responses [29]
X @Decrypt
Decrypt· 2025-11-27 20:01
Malware Chrome Extension Secretly Siphoned Fees From Solana Traders for Months ► https://t.co/9ANlVZZVDE ...
X @Forbes
Forbes· 2025-11-24 13:50
Hackers Bypass Signal, Telegram And WhatsApp Encryption To Read Messages
Security researchers at threat intelligence outfit ThreatFabric have confirmed that they have observed a new and dangerous piece of Android malware, a banking trojan that goes beyond the normal boundaries of such malicious software.
https://t.co/MAeeTrgzvf (Photo: Photothek via Getty Images) ...
X @BSCN
BSCN· 2025-11-20 12:15
ICYMI: BSCN (@BSCNews): BRAZIL SOUNDS ALARM ON NEW WHATSAPP CRYPTO MALWARE WAVE
- Brazil’s cybersecurity teams are warning users about a fast-moving malware campaign spreading through WhatsApp.
- The threat stems from a new banking Trojan called Eternidade Stealer, marking one of the sharpest rises in https://t.co/ysrEMnr2NZ ...
X @BSCN
BSCN· 2025-11-20 04:14
Threat Landscape:
- Brazil's cybersecurity teams are warning about a fast-moving malware campaign spreading through WhatsApp, marking a sharp rise in cybercrime activity this year [1]
- The threat stems from a new banking Trojan called Eternidade Stealer, utilizing a WhatsApp-propagating worm as its entry point [1]
- The Trojan activates only on systems set to Brazilian Portuguese, targeting banking, fintech, and crypto applications [2]
- Criminal groups are abusing WhatsApp's screen-sharing feature to steal verification codes, hijack accounts, and drain funds, with victims reporting losses reaching six-figure territory [4]
Malware Tactics & Techniques:
- The malware uses Python automation to hijack active WhatsApp sessions and send personalized messages [2]
- The worm clones messages, steals contacts, and sends the same infected ZIP file across a victim's network with no human action required [4]
- The stealer gathers system information, checks for antivirus tools, and grabs browser details, monitoring apps tied to major Brazilian banks and crypto services [3]
- Attackers use an IMAP mailbox to pull command-and-control details, providing extra resilience when domains get shut down [3]
Mitigation & Prevention:
- Authorities recommend logging out of all sessions, resetting your WhatsApp account, alerting contacts, and scanning devices if compromise is suspected [5]
- Users should avoid installing remote-access tools sent through messages and ignore ZIP files and "urgent" fixes forwarded on WhatsApp [7]
- Enabling two-step verification is recommended for extra account protection [7]
X @BSCN
BSCN· 2025-11-20 02:58
Cybersecurity Threat:
- Brazil warns crypto users of a new malware wave spreading through WhatsApp [1]
- The malware uses a hijacking worm [1]