Malicious GhostPoster browser extensions found with 840,000 installs

Another set of 17 malicious extensions linked to the GhostPoster campaign has been discovered in Chrome, Firefox, and Edge ...
Decrypt

DeadLock Ransomware Using Polygon Smart Contracts to Evade Detection

The ransomware family’s abuse of Polygon smart contracts echoes techniques recently seen in Ethereum-based attacks.
The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

GootLoader malware is abusing malformed ZIP archives that bypass common tools like WinRAR & deliver JavaScript payloads via ...

DeadLock ransomware hides using exploited Polygon smart contracts

Cybersecurity firm Group-IB found the DeadLock ransomware is exploiting Polygon smart contracts to create a resilient ...
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...

Gootloader now uses 1,000-part ZIP archives for stealthy delivery

The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection ...
CSO Online

Iran-linked MuddyWater APT deploys Rust-based implant in latest campaign

Iran-linked advanced persistent threat group MuddyWater has deployed a Rust-based implant in an ongoing espionage campaign ...