A new malware family named JaskaGO, written in the Go programming language, is threatening Windows and Apple macOS systems by impersonating legitimate software installers such as CapCut. AT&T Alien Labs discovered it, noting the extensive array of commands it accepts from its control server and its ability to modify the clipboard for cryptocurrency theft. It can run itself with root permissions, disable Gatekeeper protections, and launch automatically at system startup. Its distribution method remains unknown.
GuidePoint warns of Python backdoor used in ransomware
GuidePoint Security identified a threat actor using a Python-based backdoor to maintain persistent access to breached endpoints and deploy RansomHub encryptors across compromised networks. The backdoor was