The Hacker News

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

WhatsApp malware SORVEPOTEL infects 477 systems in Brazil, spreading via phishing ZIP files and spamming contacts.
The Hacker News

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

XWorm V6.0 is designed to connect to its C2 server at 94.159.113 [.]64 on port 4411 and supports a command called "plugin" to ...

XWorm malware resurfaces with ransomware module, over 35 plugins

New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, ...
Infosecurity Magazine

Confucius Shifts from Document Stealers to Python Backdoors

The Confucius cyber-espionage group has shifted its tactics from document-focused stealers to Python-based backdoors like ...