Germany’s cybersecurity agency has found at least 30,000 devices with pre-installed malware, known as BadBox, which primarily targets Android devices. The infected devices had communication with hackers’ servers blocked, but those with outdated software are still at risk. Affected devices came with a built-in malware type that enables further malware injection, remote control, and device exploitation for illicit activities.
Yearlong supply-chain attack targeting security pros steals 390K credentials
Cybersecurity firm Datadog has revealed that actor MUT-1244 used proof-of-concept exploits and phishing emails to install malware @0xengine/xmlrpc, stealing around 390,000 credentials from infected machines.
