Cybercriminals are reportedly targeting people interested in pirated and cracked software downloads by exploiting YouTube and Google search results. Researchers at Trend Micro have observed threat actors posing as “guides” providing legitimate software installation tutorials, whilst including malware in links to software downloads. The attackers often use trusted file hosting services to hide the source of their malware and make its detection and removal more challenging. The operation appears to resemble a campaign from approximately a year ago that spread Lumma Stealer malware via weaponized YouTube channels.

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites
The Russian cybercrime group FIN7 is linked to a Python-based backdoor named Anubis, providing them remote access to compromised Windows systems, says Swiss cybersecurity firm