Cybersecurity researchers at CloudSEK have exposed an attack campaign targeting aspiring hackers. The operation involves a weaponized version of the XWorm Remote Access Trojan (RAT) builder, primarily distributed through GitHub and other online platforms. The malware, once installed, performs harmful activities including data exfiltration, remote command execution, and File encryption for ransomware operations. The campaign has compromised over 18,459 devices worldwide, particularly in Russia, the US, India, Ukraine, and Turkey.

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers
Cybersecurity researchers have revealed details about Outlaw, an “auto-propagating” cryptocurrency mining botnet that targets SSH servers with weak credentials. The Romanian-origin malware performs SSH brute-force