Posts by Spartech Software

SANS ISC dissects a three-module malware that steals Chromium-based browser credentials, exfiltrates sensitive files, and opens a WebSocket backdoor.

Canadian police arrested a 23-year-old alleged administrator of the Kimwolf IoT botnet, which powered record DDoS attacks, amid ongoing U.S. cross-border probe.

GitHub says a poisoned VS Code extension on an employee device led to exfiltration of about 3,800 internal repos, likely via the compromised Nx Console.

GitHub is investigating claims by supply‑chain actor TeamPCP that it breached around 4,000 internal repositories, as researchers warn of wider fallout.

A new phishing-as-a-service platform abusing Microsoft OAuth device codes shows how attackers bypass MFA with consent tokens instead of passwords.

New macOS info-stealer SHub Reaper is spreading via trojanized WeChat and Miro installers, spoofing Google, Microsoft and Apple logins.

Security researchers are touting new Windows zero-day bugs dubbed YellowKey, GreenPlasma and MiniPlasma, but so far there are no CVEs or patches as Microsoft battles exploited flaws.

INTERPOL’s Operation Ramz led to 201 arrests, 382 more suspects identified and 53 servers seized in the first region-wide cybercrime sweep across MENA.

Four newly discovered npm packages deliver infostealers and worm-like malware tied to Shai-Hulud code reuse, prompting urgent removal and token checks.

Researcher Nightmare-Eclipse has released YellowKey, a Windows BitLocker bypass in WinRE that exposes encrypted drives; no Microsoft patch yet.