Threat actors are targeting popular password manager, KeePass, to spread malware and extract sensitive credentials. The attacks involve tampered download links and trojanized versions of KeePass which mimic legitimate software but executes malicious code in the background. Thousands of global users, particularly in financial services, healthcare, and government sectors, may already be compromised. The malware can harvest not just KeePass data, but also browser-based passwords, authentication cookies, and cryptocurrency wallet credentials.
Cybercriminals Use Malware-Laced Fake Resumes to Target Recruiters
Cybersecurity firm Arctic Wolf Labs warns of an ongoing spear-phishing campaign ‘Venom Spider’ or ‘TA4557’ targeting recruiters and hiring managers with malware hidden in phony
