Cybersecurity researchers from Sekoia have warned of hundreds of fake Reddit and WeTransfer pages used to deploy the Lumma Stealer malware. The well-built fake Reddit pages display threads where users share links to fake WeTransfer pages to download malware. The URLs of these pages contain official brand names and sit on .org and .net domains, enhancing their appearance of legitimacy. The actual malware is hosted on “weighcobbweo[.]top.” The targets often depend on the type of software being faked.

New Triada comes preinstalled on Android devices
A new variant of the Triada Trojan has been discovered pre-installed on Android devices, enabling data theft from the moment the device is set up,