Palantir extends reach into British state as it gets access to sensitive FCA data

Exclusive: Allowing US tech firm to analyse intelligence in name of tackling fraud raises fresh concerns over privacy

The Guardian

Your iPhone can be hacked in minutes and DarkSword shows how easy it is

https://fed.brid.gy/r/https://nerds.xyz/2026/03/darksword-ios-exploit/

A new DarkSword iOS exploit can steal your data and crypto wallets in minutes without leaving a trace. Here is what you need to know.

NERDS.xyz

Technical Analysis of SnappyClient

Zscaler ThreatLabz identified a new command-and-control framework implant called SnappyClient, delivered via HijackLoader. SnappyClient is a C++-based implant with data theft and remote access capabilities. It employs evasion techniques like AMSI bypass, Heaven's Gate, direct system calls, and transacted hollowing. The malware receives configuration files from its C2 server and uses a custom encrypted network protocol. SnappyClient's main functions include stealing browser data, taking screenshots, keylogging, and providing remote shell access. Analysis suggests potential ties to HijackLoader based on code similarities. The primary goal appears to be cryptocurrency theft, targeting wallet addresses and crypto-related applications.

Pulse ID: 69bac510532c2199bd470e30
Pulse Link: https://otx.alienvault.com/pulse/69bac510532c2199bd470e30
Pulse Author: AlienVault
Created: 2026-03-18 15:30:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CyberSecurity #DataTheft #HijackLoader #InfoSec #Malware #OTX #OpenThreatExchange #RAT #ThreatLabz #Zscaler #bot #cryptocurrency #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Analysis of the Spear-Phishing and KakaoTalk-Linked Threat Campaign

The Konni Group conducted a sophisticated multi-stage attack campaign, initiating with a spear-phishing email disguised as a North Korean human rights lecturer appointment. The attack progressed through execution of a malicious LNK file, installation of remote access malware, and long-term persistence for data theft. A key feature was the unauthorized access to victims' KakaoTalk PC applications, used to distribute additional malicious files to selected contacts. The campaign employed multiple RAT families, including EndRAT, RftRAT, and RemcosRAT, with a distributed C2 infrastructure across Finland, Japan, and the Netherlands. The threat actor's tactics included trust-based propagation, account session abuse, and modular payload deployment, highlighting the need for advanced behavior-based detection and multi-layered defense strategies.

Pulse ID: 69ba831f2287b29db4e4645e
Pulse Link: https://otx.alienvault.com/pulse/69ba831f2287b29db4e4645e
Pulse Author: AlienVault
Created: 2026-03-18 10:49:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #DRat #DataTheft #Email #Finland #ICS #InfoSec #Japan #Konni #Korea #LNK #Malware #NorthKorea #OTX #OpenThreatExchange #Phishing #RAT #Remcos #RemcosRAT #Rust #SpearPhishing #TheNetherlands #bot #AlienVault

DOGE Deposition Leaks & Gets Deleted After Exposing Gross Incompetence

YouTube

The Social Security Administration is investigating a new complaint against DOGE alleging that a former employee claimed he had access to two highly sensitive databases and planned to share the information with his new employer #DOGE #Saboteurs #Spies #Thieves #DataTheft youtube.com/watch?v=bUfd...

‘Worst case scenario’: Whistleblower on how DOGE put social security data at risk

YouTube

MAAS VIP_Keylogger Campaign

A sophisticated keylogger campaign has been discovered, utilizing spear-phishing emails with attachments containing hidden malware. The campaign targets multiple countries, employing various packaging styles and execution methods. The malware, known as VIP_Keylogger, is delivered using steganography and process hollowing techniques. It focuses on stealing sensitive information from browsers, email clients, and other applications. The keylogger captures browser data, decrypts passwords, and exfiltrates information through multiple channels, including email. While some features appear disabled, the malware demonstrates advanced capabilities in data theft and evasion techniques.

Pulse ID: 69b7e0b1a4e3419dfc024013
Pulse Link: https://otx.alienvault.com/pulse/69b7e0b1a4e3419dfc024013
Pulse Author: AlienVault
Created: 2026-03-16 10:51:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CyberSecurity #DataTheft #Email #InfoSec #KeyLogger #MaaS #Malware #OTX #OpenThreatExchange #Password #Passwords #Phishing #RAT #SpearPhishing #Steganography #Word #bot #AlienVault


#Doge #SSAdministration #DataTheft

Whistleblower claims ex-DOGE member says he took Social Security data to new job: Washington Post

https://ground.news/article/whistleblower-claims-ex-doge-member-says-he-took-social-security-data-to-new-job?utm_source=mobile-app&utm_medium=newsroom-share

The Social Security inspector general’s office is investigating allegations that the former DOGE engineer took sensitive data on a thumb drive in a major potential security breach, said people familiar with the process.

Ground News

🚨 Former Nuance employee pleads guilty to accessing 1.2M Geisinger patient records 🔒 Employee exploited existing credentials after termination 📊 Names, birth dates, medical record numbers copied #InsiderThreat #Healthcare #DataTheft 👉 https://www.defensorum.com/nuance-employee-unauthorized-access-geisinger-patient-records/

Former Nuance Employee Pleads Guilty to Unauthorized Access of Geisinger Patient Records - Defensorum

A former Nuance Communications employee pleaded guilty in federal court to obtaining information from a protected computer without authorization after accessing and copying data associated with more than 1.2 million Geisinger Health System patient records.

Guilty Plea in Federal Court

Max Vance, 46, of El Cajon, California, entered a guilty plea on February 27, 2026 ...

Defensorum