Rhys (@rhysdowning_)'s Twitter Profile
Rhys

@rhysdowning_

Threat Researcher / Threat Hunter who loves malware | My views are strictly my own.

ID: 138459664

Link: http://blog.threatuniverse.co.uk
Joined: 29-04-2010 16:10:24

4.4K Tweets

462 Followers

1.1K Following

ANY.RUN (@anyrun_app)

Top 10 last week's threats by uploads 🌐
⬆️ #Amadey 963 (156)
⬇️ #Remcos 880 (923)
⬇️ #Xworm 792 (967)
⬆️ #Lumma 673 (659)
⬆️ #Tofsee 535 (144)
⬆️ #Snake 403 (326)
⬇️ #Asyncrat 380 (433)
⬇️ #Stealc 157 (171)
⬇️ #Agenttesla 153 (245)
⬇️ #Vidar 151 (178)

Track them all:
Hackread.com (@hackread)

New: Watch out, as a new Microsoft Teams vishing attack has been spotted, with hackers abusing TeamViewer and Quick Assist to drop malware. Read: hackread.com/microsoft-team… #CyberSecurity #Vishing #TeamViewer #MicrosoftTeams

Who said what? (@g0njxa)

Fresh #Clickfix design campaign spreading #Lumma stealer on X ads impersonating AI sites

/newflave.rf.gd
/gltgirl.rf.gd

Payload: /kutt.it/ReStarT >> /snippet.host/migppg

Build hosted on Azure DevOps repo

Detonation: app.any.run/tasks/617fda4e…
Cookie Connoisseur (@browsercookies)

How do you catch a DPRK actor, you ask? Here are a few things to think about:
1. They love to use a VPN when applying for jobs. Check your HR system.

ANY.RUN (@anyrun_app)

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 569 (1077)
⬆️ #Tofsee 363 (263)
⬇️ #Xworm 309 (1099)
⬇️ #Asyncrat 290 (395)
⬆️ #Neconyd 283 (169)
⬇️ #Snake 254 (379)
⬇️ #Remcos 232 (566)
⬇️ #Amadey 156 (380)
⬆️ #Formbook 134 (78)
⬇️ #Agenttesla 114 (271)

Track them all:
vx-underground (@vxunderground)

I don't know what they're putting in the water, but these anime profile-picture nerds are cookin'

.@es3n1n reverse-engineered the Windows Security Center service and found how to interop with it. This includes disabling it and being a memester

See attached post for details
ANY.RUN (@anyrun_app)

Top 10 last week's threats by uploads 🌐
⬆️ #Lumma 753 (524)
⬆️ #Remcos 556 (130)
⬆️ #Xworm 427 (163)
⬆️ #Asyncrat 349 (165)
⬆️ #Snake 342 (182)
⬆️ #Agenttesla 299 (119)
⬆️ #Amadey 194 (185)
⬇️ #Neconyd 190 (286)
⬆️ #Quasar 114 (74)
⬆️ #Dcrat 87 (74)
Track them all:
ⱤɄ₲ ₱ɄⱠⱠ ₣ł₦ĐɆⱤ 💋 (@rugpullfinder)

🚨 The Fake Ledger That Stole Everything

(1/8)
James* thought he was safe. He used a Ledger hardware wallet, kept his 24 words private, and followed every crypto security tip out there.

Then one day… a package arrived.
🧵👇
Back Engineering Labs (@backengineerlab)

Given the recent events with VMPSoft DMCA'ing educational YouTube videos demonstrating how to unpack malware protected with VMProtect, we have decided to release a free to use unpacker which works for all versions of VMP 3.x including the most recent version.

Simply sign
ANY.RUN (@anyrun_app)

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 733 (825)
⬆️ #Asyncrat 494 (447)
⬇️ #Remcos 491 (624)
⬆️ #Snake 432 (338)
⬇️ #Xworm 430 (440)
⬆️ #Amadey 249 (224)
⬇️ #Agenttesla 221 (265)
⬆️ #Dcrat 216 (126)
⬆️ #Stealc 136 (130)
⬆️ #Quasar 132 (78)
Track them all:
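The four ANY.RUN weekly top-10 posts on this page share one row format: arrow, #family, this week's upload count, and the previous week's count in parentheses. As an added example (not code from ANY.RUN or from this profile), the Python below turns those rows into structured data: it parses each post, flags any row whose arrow disagrees with its own two counts, lists the families that appear in every sampled post, and ranks the largest week-over-week movers. The four posts are embedded as constructed input copied from the lines above; they are not consecutive weeks, so the counts are deliberately not chained into one continuous series.

```python
import re
from dataclasses import dataclass

# Constructed input: the four "Top 10 last week's threats by uploads" posts
# from the feed above, copied verbatim and separated by a blank line.
# Row format: <arrow> #<family> <this week's uploads> (<previous week's uploads>)
RAW_POSTS = """\
⬆️ #Amadey 963 (156)
⬇️ #Remcos 880 (923)
⬇️ #Xworm 792 (967)
⬆️ #Lumma 673 (659)
⬆️ #Tofsee 535 (144)
⬆️ #Snake 403 (326)
⬇️ #Asyncrat 380 (433)
⬇️ #Stealc 157 (171)
⬇️ #Agenttesla 153 (245)
⬇️ #Vidar 151 (178)

⬇️ #Lumma 569 (1077)
⬆️ #Tofsee 363 (263)
⬇️ #Xworm 309 (1099)
⬇️ #Asyncrat 290 (395)
⬆️ #Neconyd 283 (169)
⬇️ #Snake 254 (379)
⬇️ #Remcos 232 (566)
⬇️ #Amadey 156 (380)
⬆️ #Formbook 134 (78)
⬇️ #Agenttesla 114 (271)

⬆️ #Lumma 753 (524)
⬆️ #Remcos 556 (130)
⬆️ #Xworm 427 (163)
⬆️ #Asyncrat 349 (165)
⬆️ #Snake 342 (182)
⬆️ #Agenttesla 299 (119)
⬆️ #Amadey 194 (185)
⬇️ #Neconyd 190 (286)
⬆️ #Quasar 114 (74)
⬆️ #Dcrat 87 (74)

⬇️ #Lumma 733 (825)
⬆️ #Asyncrat 494 (447)
⬇️ #Remcos 491 (624)
⬆️ #Snake 432 (338)
⬇️ #Xworm 430 (440)
⬆️ #Amadey 249 (224)
⬇️ #Agenttesla 221 (265)
⬆️ #Dcrat 216 (126)
⬆️ #Stealc 136 (130)
⬆️ #Quasar 132 (78)
"""

# The arrow emoji may or may not carry the U+FE0F variation selector depending
# on how the post text was copied, so the selector is optional in the pattern.
LINE_RE = re.compile(
    r"^\s*(?P<arrow>[\u2b06\u2b07])\ufe0f?\s*#(?P<family>\w+)\s+(?P<now>\d+)\s+\((?P<prev>\d+)\)\s*$"
)


@dataclass(frozen=True)
class Entry:
    family: str   # family name as printed, lower-cased for stable comparison
    now: int      # uploads in the reported week
    prev: int     # uploads in the week before
    arrow: str    # "up" or "down", as printed in the post

    @property
    def delta(self) -> int:
        return self.now - self.prev

    @property
    def arrow_matches(self) -> bool:
        # A consistent row prints ⬆️ only when the count grew and ⬇️ only when it
        # fell; an unchanged count justifies neither arrow.
        return (self.delta > 0 and self.arrow == "up") or (self.delta < 0 and self.arrow == "down")


def parse_post(text: str) -> list[Entry]:
    """Parse one post; lines that are not ranking rows (header, 'Track them all:') are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        arrow = "up" if m["arrow"] == "\u2b06" else "down"
        entries.append(Entry(m["family"].lower(), int(m["now"]), int(m["prev"]), arrow))
    return entries


def parse_feed(raw: str) -> list[list[Entry]]:
    """Split blank-line-separated posts and parse each one."""
    return [parse_post(p) for p in raw.strip().split("\n\n")]


def inconsistent_rows(posts: list[list[Entry]]) -> list[tuple[int, str]]:
    """(post index, family) for every row whose arrow disagrees with its own numbers."""
    return [(i, e.family) for i, post in enumerate(posts) for e in post if not e.arrow_matches]


def families_in_every_post(posts: list[list[Entry]]) -> set[str]:
    """Families that never left the top 10 across the sampled posts."""
    sets = [{e.family for e in post} for post in posts]
    return set.intersection(*sets) if sets else set()


def biggest_movers(post: list[Entry], n: int = 3) -> list[tuple[str, int]]:
    """Largest absolute week-over-week change in uploads within one post."""
    return [(e.family, e.delta) for e in sorted(post, key=lambda e: abs(e.delta), reverse=True)[:n]]


if __name__ == "__main__":
    posts = parse_feed(RAW_POSTS)
    print("rows per post:", [len(p) for p in posts])
    print("arrow/number mismatches:", inconsistent_rows(posts))
    print("always in top 10:", sorted(families_in_every_post(posts)))
    for i, post in enumerate(posts):
        print(f"post {i} biggest movers:", biggest_movers(post))
```

The regex is anchored to the whole line so the header and the trailing "Track them all:" line drop out without special-casing, and the family name is lower-cased so a post that writes "#AgentTesla" and one that writes "#Agenttesla" land on the same key.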
Cyber Ghost (@cyberghost13337)

A new clickfix technique, FileFix, developed by mr.d0x (@mrd0x), is being used in the wild—poorly.

Website tersmoles[.]com delivers a "Legitimate Chrome Installer" using FileFix.

The attacker didn’t even change the path and filename—just copy-pasted code directly from demo website