Swiss hackers are delivering malware via physical mail, recommending recipients to download a “Severe Weather Warning App”. The mail appears to be from the Federal Office of Meteorology and Climatology, complete with a QR code leading to a fake website which looks like the Google Play Store. The app contains malware that can intercept two-factor authentication and steal sensitive banking information. Users are advised to check sources of apps and use strong two-factor authentication.
Cryptomining Malware Found in Popular Open Source Packages
Security researchers from ReversingLabs have uncovered a series of high-profile compromises targeting popular open-source packages, highlighting the growing risk of malicious code infiltration in widely-used
