Gootloader inside out
Open-source intelligence reveals the server-side code of this pernicious SEO-driven malware – without needing a lawyer afterward
Similar Posts
Product Review: How Reco Discovers Shadow AI in SaaS
Bys sAs SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI. Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson…
Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense
Bys sAs the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new report from Tenable. MCP, launched by Anthropic in…
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
Bys sRavie Lakshmanan reports: The notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail, airline, and transportation sectors in North America. “The group’s core tactics have remained consistent and do not rely on software exploits. Instead, they use a proven playbook centered on phone calls to an IT help desk,” Google’s…
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Bys sThe China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. “Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company,” the Symantec Threat Hunter Team said in…
Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices
Bys sApple has been hit with a fine of €150 million ($162 million) by France’s competition watchdog over the implementation of its App Tracking Transparency (ATT) privacy framework. The Autorité de la concurrence said it’s imposing a financial penalty against Apple for abusing its dominant position as a distributor of mobile applications for iOS and iPadOS…
Ex-NSA bad-guy hunter listened to Scattered Spider’s fake help-desk calls: ‘Those guys are good’
Bys sJessica Lyons reports: The call came into the help desk at a large US retailer. An employee had been locked out of their corporate accounts. But the caller wasn’t actually a company employee. He was a Scattered Spider criminal trying to break into the retailer’s systems – and he was really good, according to Jon…