Mastodawn

Claude Code: falsi repository GitHub distribuiscono malware
GitHub è da sempre sfruttata per distribuire malware. Un cybercriminale ha prontamente sfruttato il leak del codice sorgente di Claude Code per creare falsi repository che nascondono il noto infostealer Vidar. È sufficiente una ricerca su Google per finire nella trappola. I repository non sono stati ancora rimossi dalla piattaforma.

#github #malware #claudecode #infostealer #vidar

#sicurezzaonline #repository

https://www.punto-informatico.it/claude-code-falsi-repository-github-distribuiscono-malware/

Claude Code: falsi repository GitHub distribuiscono malware

Un cybercriminale ha creato due repository su GitHub che dovrebbero contenere il codice sorgente di Claude Code, invece nascondono l'infostealer Vidar.

Punto Informatico

ANY.RUN 5d ago

Top 10 last week's threats by uploads 🌐
⬇️ #Stealc 581 (600)
⬇️ #Asyncrat 493 (541)
⬇️ #Xworm 460 (509)
⬆️ #Remcos 389 (272)
⬆️ #Vidar 371 (368)
⬇️ #Gh0st 274 (298)
⬆️ #Salatstealer 243 (195)
⬆️ #Quasar 221 (185)
⬆️ #Lokibot 217 (119)
⬇️ #Agenttesla 196 (216)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=300326&utm_content=linktoregister#register

#cybersecurity #infosec

ANY.RUN Mar 23

Top 10 last week's threats by uploads 🌐
⬆️ #Stealc 600 (403)
⬇️ #Asyncrat 541 (782)
⬆️ #Xworm 510 (431)
⬆️ #Vidar 368 (351)
⬆️ #Gh0st 298 (281)
⬆️ #Remcos 272 (267)
⬇️ #Agenttesla 216 (307)
⬇️ #Dcrat 201 (427)
⬆️ #Salatstealer 195 (181)
⬇️ #Quasar 185 (187)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=230326&utm_content=linktoregister#register

OTX Bot Mar 17

Hacked sites deliver Vidar infostealer to Windows users

Pulse ID: 69b9c80f89362ac9f8aa31ac
Pulse Link: https://otx.alienvault.com/pulse/69b9c80f89362ac9f8aa31ac
Pulse Author: Tr1sa111
Created: 2026-03-17 21:30:55

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #InfoStealer #OTX #OpenThreatExchange #Vidar #Windows #bot #Tr1sa111

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Italian News by RSS Mar 17

Punto Informatico: Siti web distribuiscono malware con finti CAPTCHA

Una nuova variante del noto attacco ClickFix sfrutta i CAPTCHA su siti WordPress compromessi per ingannare l'utente e installare l'infostealer Vidar.
The post Siti web distribuiscono malware con finti CAPTCHA appeared first on Punto Informatico.

Websites are distributing malware using fake CAPTCHAs.

A new variant of the well-known ClickFix attack exploits CAPTCHAs on compromised WordPress sites to trick the user and install the info-stealer Vidar.
The post Websites distribute malware with fake CAPTCHAs appeared first on Punto Informatico.

#ClickFix #WordPress #Vidar #first #PuntoInformatico

https://www.punto-informatico.it/siti-web-distribuiscono-malware-finti-captcha/

Siti web distribuiscono malware con finti CAPTCHA

Una nuova variante del noto attacco ClickFix sfrutta i CAPTCHA su siti WordPress compromessi per ingannare l'utente e installare l'infostealer Vidar.

Punto Informatico

Hackread.com Mar 17

The upgraded version of #Vidar infostealer is being spread via Reddit and GitHub, hidden in fake game cheats for popular titles like Fortnite and Counter-Strike, targeting young gamers.

Read: https://hackread.com/vidar-2-0-infostealer-fake-game-cheats-github-reddit/

#CyberSecurity #Gaming #Infostealer #Fortnite #CounterStrike

New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit

New Vidar 2.0 Infostealer spreads via fake game cheats on GitHub and Reddit, stealing crypto, login tokens, and files while targeting gamers ignoring security warnings

Hackread - Cybersecurity News, Data Breaches, AI and More

OTX Bot Mar 17

Hacked sites deliver Vidar infostealer to Windows users

A recent cybercrime campaign uses compromised WordPress websites to distribute the Vidar infostealer malware to Windows users. The attack employs fake CAPTCHA pages that trick victims into running malicious commands. The infection chain involves an HTA script, which downloads and executes a malicious MSI installer. This installer then deploys a GoLang loader that ultimately decrypts and loads the Vidar infostealer into memory. The campaign targets users in multiple countries, including Italy, France, the United States, the United Kingdom, and Brazil. The attackers inject malicious code into WordPress sites, which filters visitors and displays the fake CAPTCHA page to Windows desktop users.

Pulse ID: 69b91a3de2106fb26b3bff52
Pulse Link: https://otx.alienvault.com/pulse/69b91a3de2106fb26b3bff52
Pulse Author: AlienVault
Created: 2026-03-17 09:09:17

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Brazil #CAPTCHA #CyberCrime #CyberSecurity #France #Golang #InfoSec #InfoStealer #Italy #Malware #OTX #OpenThreatExchange #RDP #UnitedKingdom #UnitedStates #Vidar #Windows #Word #Wordpress #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

ANY.RUN Mar 16

Top 10 last week's threats by uploads 🌐
⬆️ #Asyncrat 782 (533)
⬆️ #Xworm 431 (350)
⬆️ #Dcrat 427 (268)
⬆️ #Stealc 403 (215)
⬆️ #Vidar 351 (249)
⬆️ #Agenttesla 309 (241)
⬆️ #Gh0st 281 (143)
⬆️ #Remcos 270 (193)
⬆️ #Quasar 187 (158)
⬇️ #Salatstealer 181 (189)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=160326&utm_content=linktoregister#register