// MALWARE

6 articles

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Security researchers disclosed multiple vulnerabilities in Anthropic's Claude Code that could enable remote code execution and API key theft through exploits in Hooks, MCP servers, and environment variables. This represents an actual vulnerability disclosure affecting a real product with potential impact on users and their credentials.

Fake Next.js job interview tests backdoor developer's devices

Microsoft Defender discovered a coordinated malware campaign targeting software developers using fake Next.js repositories and fraudulent technical interview tests to distribute backdoors. This represents an active attack with real victims (developers) and specific malicious infrastructure.

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

Iranian hacking group MuddyWater conducted an active malware campaign called Operation Olalampo targeting MENA organizations, deploying new malware families including GhostFetch, CHAR, and HTTP_VIP. This represents a specific, ongoing threat campaign against real targets with newly discovered malware tools.

Attackers Use New Tool to Scan for React2Shell Exposure

Security researchers discovered that threat actors are actively using a new toolkit to scan for and exploit React2Shell vulnerabilities in high-value networks. This represents an actual active malware campaign targeting a specific vulnerability with real exploitation attempts in the wild.

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Threat actors are actively exploiting a critical vulnerability (CVE-2026-1731, CVSS 9.9) in BeyondTrust Remote Support and Privileged Remote Access products to deploy web shells and backdoors and to exfiltrate data. This represents a real, active security incident involving actual exploitation of a disclosed vulnerability.

FBI: $20 Million Losses Caused by 700 ATM Jackpotting Attacks in 2025

The FBI reported that Ploutus malware was used in approximately 700 ATM jackpotting attacks during 2025, resulting in $20 million in losses. This represents an active malware campaign with real financial impact on actual victims (banks and ATM operators).