Ghost CMS Flaw Exploited to Hijack Over 700 Sites in ClickFix Attacks

Over 700 websites were hijacked in a massive campaign that exploited a critical Ghost CMS vulnerability, turning legitimate pages into gateways for Windows malware. This alarming attack was made possible by CVE-2026-26980, an SQL injection flaw with a near-perfect CVSS score of 9.4.

https://osintsights.com/ghost-cms-flaw-exploited-to-hijack-over-700-sites-in-clickfix-attacks?utm_source=mastodon&utm_medium=social

#GhostCms #Cve202626980 #SqlInjection #Clickfix #WindowsMalware

Learn how CVE-2026-26980 in Ghost CMS was exploited to hijack 700+ sites. Discover security measures to protect your site now and prevent similar attacks.

OSINTSights

Malicious Hugging Face repository targets Windows users with infostealer malware

Malicious actors on Hugging Face tricked Windows users into downloading infostealer malware by creating a fake repository that mimicked OpenAI's popular Privacy Filter release. The rogue repository briefly shot to the top of Hugging Face's trending list, racking up 244,000 downloads before being swiftly removed.

https://osintsights.com/malicious-hugging-face-repository-targets-windows-users-with-infostealer-malware?utm_source=mastodon&utm_medium=social

#InfostealerMalware #HuggingFace #Typosquatting #AiModelAbuse #WindowsMalware

Discover how a malicious Hugging Face repository spread infostealer malware to Windows users and learn how to protect yourself from similar threats now.

OSINTSights

Malicious Site Exploits AI Interest to Deploy Beagle Backdoor

Beware of a fake website masquerading as Anthropic's Claude interface, tricking users into downloading a 505 MB ZIP archive that unleashes a new, previously undocumented Windows backdoor called Beagle. This malicious campaign uses a convincing imitation of the legitimate site to spread the infection.

https://osintsights.com/malicious-site-exploits-ai-interest-to-deploy-beagle-backdoor?utm_source=mastodon&utm_medium=social

#BeagleBackdoor #AiMalware #WindowsMalware #Malvertising #DllSideloading

Learn how Beagle backdoor is deployed via a malicious site exploiting AI interest, and protect your system now with expert security tips and advice today.

OSINTSights

Fake Claude AI site delivers Beagle Windows backdoor malware

Beware of a fake Claude AI site that's really a malware trap: a 505MB archive disguised as a legitimate installer delivers a sneaky Windows backdoor called Beagle. Clicking the download button on the site leads to trouble, not the AI tool you might be expecting.

https://osintsights.com/fake-claude-ai-site-delivers-beagle-windows-backdoor-malware?utm_source=mastodon&utm_medium=social

#FakeClaudeAiSite #BeagleWindowsBackdoor #MalwareOperations #EmergingThreats #WindowsMalware

Discover how a fake Claude AI site delivers Beagle Windows backdoor malware and protect your system now with expert security tips and advice. Learn more today.

OSINTSights

CloudZ Malware Exploits Phone Link to Harvest SMS OTPs

Beware of CloudZ malware, a sneaky Windows threat that's been stealing SMS messages and one-time passwords since January 2026 by exploiting Microsoft's Phone Link app. This malicious duo, paired with the Pheno plugin, can capture mobile authentication data without ever touching your smartphone.

https://osintsights.com/cloudz-malware-exploits-phone-link-to-harvest-sms-otps?utm_source=mastodon&utm_medium=social

#CloudzMalware #WindowsMalware #MicrosoftPhoneLink #SmsOtp #RemoteAccessTool

Learn how CloudZ malware exploits Phone Link to steal SMS OTPs and protect yourself from this threat with expert insights and security tips now.

OSINTSights

ClickFix malware campaign: fake Cloudflare check silently installs MIMICRAT

ClickFix malware campaign distributes MIMICRAT via fake Cloudflare pages with a five-stage infection chain, AMSI/ETW bypass and HTTPS C2.

TARNKAPPE.INFO

Stealka Stealer: fake Roblox mods and cheats plunder crypto wallets

Stealka Stealer is a new Windows malware that disguises itself as a Roblox mod or cheat and plunders browser data and crypto wallets.

TARNKAPPE.INFO

😱 Are you safe? A new malware exploits Windows automation to steal your sensitive data. Update your antivirus and be careful! #CyberSecurity #WindowsMalware

🔗 https://www.tomshw.it/hardware/coyote-primo-malware-che-sfrutta-windows-ui-2025-07-25

This malware exploits a Windows automation feature to steal your data

The Coyote malware exploits Windows UI Automation to steal banking credentials, targeting users of 75 banks and crypto platforms.

Tom's Hardware

Dissecting Windows Malware Series – Beginner To Advanced – Part 1 - 8kSec

In Part-1 of Dissecting Windows Malware blog series, we’ll lay down the foundations of analysing and reverse engineering Windows malicious files.

8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.

Elastic Security Labs analyzed a Windows dataset of over 100,000 malicious files: https://www.elastic.co/security-labs/unveiling-malware-behavior-trends

#windowsmalware #elastic #MalwareBehavior

Globally distributed stealers — Elastic Security Labs

This article describes our analysis of the top malware stealer families, unveiling their operation methodologies, recent updates, and configurations. By understanding the modus operandi of each family, we better comprehend the magnitude of their impact and can fortify our defences accordingly.