TamperedChef serves bad ads, with infostealers as the main course
Sophos X-Ops explores a malvertising campaign that leverages Google Ads to distribute an infostealer
Categories: Threat Research
Tags: TamperedChef, EvilAI, infostealer, Sophos X-Ops
Similar Posts
⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More
Bys sCybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the upper hand. For leaders, this means defense isn’t just a matter of firewalls and patches—it’s about strategy. The strongest organizations aren’t the ones with the most tools,…
Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
Bys sFrom Hogan Lovells: The rapid development of data protection laws across the Asia-Pacific region indicates significant movement toward certain standards, albeit with notable local policy variations across multiple areas. Our Asia-Pacific Data, Privacy, and Cybersecurity Guide 2025 will explore these developments, key initiatives in major APAC jurisdictions, and the implications of an ever-changing regulatory landscape….
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain
Bys sCybersecurity researchers have uncovered a malicious Chrome extension that poses as a legitimate Ethereum wallet but harbors functionality to exfiltrate users’ seed phrases. The name of the extension is “Safery: Ethereum Wallet,” with the threat actor describing it as a “secure wallet for managing Ethereum cryptocurrency with flexible settings.” It was uploaded to the Chrome…
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Bys sCybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as RondoDox. As of December 2025, the activity has been observed leveraging the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) flaw as an initial access vector, CloudSEK…
SC: Spartanburg County hit by cyberattack, some online services disrupted
Bys sStephanie Moore reports: Spartanburg County officials reported Friday that the county experienced a cybersecurity incident earlier this week. Scottie Kay Blackwell, the county communications manager, said the cyberattack immediately triggered a response from the network software, cybersecurity vendor, and law enforcement. Blackwell said the attack was contained by the county’s software platforms and personnel. The……
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
Bys sCybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow. The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It’s used to track and retrieve all