GlassWorm attack installs fake browser extension for surveillance

Pulse ID: 69ca1c002822bd4b340a63fb
Pulse Link: https://otx.alienvault.com/pulse/69ca1c002822bd4b340a63fb
Pulse Author: Tr1sa111
Created: 2026-03-30 06:45:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CyberSecurity #FakeBrowser #InfoSec #OTX #OpenThreatExchange #Worm #bot #Tr1sa111

BRUSHWORM and BRUSHLOGGER uncovered

Pulse ID: 69ca1c302d1906c2bc346332
Pulse Link: https://otx.alienvault.com/pulse/69ca1c302d1906c2bc346332
Pulse Author: Tr1sa111
Created: 2026-03-30 06:46:08

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #OTX #OpenThreatExchange #Worm #bot #Tr1sa111

BRUSHWORM and BRUSHLOGGER uncovered

A South Asian financial institution was targeted with two custom malware components: BRUSHWORM, a modular backdoor, and BRUSHLOGGER, a keylogger. BRUSHWORM features anti-analysis checks, encrypted configuration, scheduled task persistence, modular payload downloading, USB worm propagation, and extensive file theft. BRUSHLOGGER uses DLL side-loading to capture system-wide keystrokes with window context tracking. The malware's low sophistication and implementation flaws suggest an inexperienced author, possibly using AI code-generation tools. Multiple testing versions were discovered on VirusTotal, indicating iterative development. The malware components combine to create a functional collection platform with modular loading, USB propagation, broad file theft, air-gap bridging, and persistent keystroke capture.

Pulse ID: 69c643be1c9656febe1f3cc6
Pulse Link: https://otx.alienvault.com/pulse/69c643be1c9656febe1f3cc6
Pulse Author: AlienVault
Created: 2026-03-27 08:45:50

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AWS #Asia #BackDoor #CyberSecurity #InfoSec #KeyLogger #Malware #OTX #OpenThreatExchange #RAT #Rust #SouthAsia #USB #VirusTotal #Worm #bot #AlienVault

GlassWorm attack installs fake browser extension for surveillance

GlassWorm is a sophisticated malware targeting developers through compromised code repositories and package managers. It executes in stages, starting with a stealthy infection that fingerprints the machine and fetches further payloads via the Solana blockchain. The malware steals sensitive data, including cryptocurrency wallets and development credentials, installs a Remote Access Trojan (RAT), and deploys a fake Chrome extension for extensive surveillance. It uses distributed hash tables and blockchain for resilient command and control. While initially focused on developers with potential cryptocurrency assets, the stolen information could enable wider supply chain attacks. Prevention strategies include careful package management, regular extension audits, and up-to-date anti-malware solutions.

Pulse ID: 69c59ad1d050c7b6a823051e
Pulse Link: https://otx.alienvault.com/pulse/69c59ad1d050c7b6a823051e
Pulse Author: AlienVault
Created: 2026-03-26 20:45:05

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #Browser #Chrome #ChromeExtension #CyberSecurity #FakeBrowser #InfoSec #Mac #Malware #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #SupplyChain #Trojan #Worm #bot #cryptocurrency #developers #AlienVault

GlassWorm Hides in Solana to Spread RAT and Steal Data

The GlassWorm campaign targets developers through malicious packages and uses Solana blockchain and Google Calendar as stealthy C2 channels.

Pulse ID: 69c5a1c13768a636f16930fc
Pulse Link: https://otx.alienvault.com/pulse/69c5a1c13768a636f16930fc
Pulse Author: cryptocti
Created: 2026-03-26 21:14:41

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #CyberSecurity #Google #InfoSec #OTX #OpenThreatExchange #RAT #Worm #bot #developers #cryptocti

Metal By Numbers: When Worm crawled up the charts – 02/13/2026:

#MetalByNumbers #Worm

Link: https://metalinsider.net/columns/metal-by-numbers/metal-by-numbers-when-worm-crawled-up-the-charts-02-13-2026

Inktober 52 2026 - Week 12 - Covered BONUS

Yal doesn't want to get soaked in a downpour but will help someone else live their best life by moisturizing them.

#inktober
#inktober52
#creature
#worm
#yal
#snail
#umbrella
#rain
#covered

#worm : a creeping or a crawling animal of any kind or size, as a serpent, caterpillar, snail, or the like

- German: der Wurm

- Italian: lombrico

- Portuguese: minhoca

- Spanish: gusano

------------

Fill in missing or incorrect translations @ https://wordofthehour.org/r/translations

Here's a hair like structure made with a vector-flow-field added variables for example for the transparency and a circular constraint.

In the last Genuary I made this looking more like fur and I wanted to come back to it.
Also, my hair looks a little like this. ;)

In the last days I think of combining these artistic structures with a game. So maybe a character running with such a flow field behind him or transitions made with the dithering I made some time ago.

Would you play and look into such a game?

#hair #vector #flow #field #bw #nature #human #haircut #hairstyles #worm #genuary #genart #art #mastoart #fediart #p5js #noai #genuary2026 #code #math #programming #artwork #minimalism #coding #generativeart #generative #artforsale #simplify #creativecoding #random