In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, the campaign is still active.
Analysis shows that the campaign primarily targets users of WhatsApp Desktop and WhatsApp Web. The threat actor uses deceptive file names masquerading as business and financial documents to persuade recipients to download and execute the attachment.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- VF Corp’s cyber incident causes data breach of 35.5 million consumers
January 19, 2024
Vans sneaker maker VF Corp said on Thursday the cyber incident that hit the company in December led to a breach of personal data of about 35.5 million consumers, and added that it does not expect a material impact to its financials. The unauthorized activity, detected on Dec. 13, disrupted global customer orders on its e-commerce ...
- Carnegie Mellon University hit by cyberattack, informs 7,300 people possibly affected
January 19, 2024
Carnegie Mellon University informed about 7,300 people that their personal information may have been compromised in an August cyberattack that was quietly investigated by law enforcement and the university. The breach impacting one of the nation’s top schools for computing was acknowledged by the university as higher education in general faces a growing assault by digital ...
- Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021
January 19, 2024
While publicly reported and patched in October 2023, Mandiant and VMware Product Security have found UNC3886, a highly advanced China-nexus espionage group, has been exploiting CVE-2023-34048 as far back as late 2021. These findings stem from Mandiant’s continued research of the novel attack paths used by UNC3886, which historically focuses on technologies that are unable to ...
- Ukrainian hackers steal construction plans for 500 Russian military sites
January 18, 2024
Hackers from the group Blackjack, purportedly affiliated with Ukraine’s SBU security service, have breached a Russian state enterprise involved in construction work for the Russian military, and downloaded over 1.2 TB of data, a Ukrainian law enforcement source told NV on Jan. 18. The data from Russia’s Main Military Construction Directorate for Special Projects included more ...
- Chinese drones may pose security risks, US agencies warn
January 18, 2024
Chinese-made drones could pose a national security risk to the United States due to laws in China that force companies to provide authorities access to user data, two U.S. agencies say in a new memo. These “unmanned aircraft systems,” or UAS, are often used by operators of critical infrastructure in the United States without regard to ...
- Update Chrome – Google patches actively exploited zero-day vulnerability
January 18, 2024
Google has released an update for Chrome which includes four security fixes, including one for a vulnerability that has reportedly already been exploited. The easiest way to update Chrome is to allow it to update automatically, which basically uses the same method as outlined below but does not require your attention. But you can end up ...

