Fortinet’s FortiGuard Labs recently caught a phishing campaign in the wild with a malicious Excel document attached to the phishing email. Fortinet researchers performed a deep analysis on the campaign and discovered that it delivers a new variant of Snake Keylogger.
Snake Keylogger (aka “404 Keylogger” or “KrakenKeylogger”) is a subscription-based keylogger with many capabilities. It is a .NET-based software originally sold on a hacker forum. Once executed on a victim’s computer, it has the ability to steal sensitive data, including saved credentials from web browsers and other popular software, the system clipboard, and basic device information. It can also log keystrokes and capture screenshots.
Read more…
Source: Fortinet
Related:
- Cisco warns of two more SD-WAN bugs under active attack
March 6, 2026
Just when network admins thought the Cisco SD-WAN patch queue might finally be shrinking, Switchzilla has confirmed miscreants are exploiting more vulnerabilities in its SD-WAN management software. The newly abused flaws affect Cisco Catalyst SD-WAN Manager, the platform formerly known as vManage that sits at the center of many organizations’ SD-WAN deployments. One of the bugs, ...
- Securing ambient AI in healthcare: governance is the new front line
March 5, 2026
Ambient AI is no longer experimental. It’s live. From AI-powered clinical documentation assistants to remote monitoring systems and intelligent patient engagement agents, healthcare organizations are embedding AI directly into care delivery. The promise is compelling: less administrative burden, faster insights, and more time with patients. But as AI enters clinical workflows, a more urgent question emerges: ...
- New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages
March 5, 2026
Trend Micro researchers recently found the existence of a new stealer binary that collects browser and cryptocurrency wallet data, system information, and common files, among others. The researchers designated this new stealer BoryptGrab. Certain variants of the stealer can download a PyInstaller backdoor, which Trend Micro refer to as TunnesshClient. TunnesshClient establishes a reverse Secure Shell ...
- Microsoft warns of new signed malware which deploys remote monitoring tools as backdoors
March 5, 2026
Microsoft is warning of a new phishing campaign which aims to deploy persistent backdoors to victim’s computers. In a new in-depth analysis, the company’s researchers said they recently spotted multiple phishing campaigns, currently not attributed to any known threat actors, which send out emails with weaponized PDF files (financial documents, invoices), fake meeting invitations, or organizational ...
- ‘Hundreds’ of Iranian hacking attempts have hit surveillance cameras since the missile strikes
March 4, 2026
Multiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries since the war started on February 28, according to Check Point security researchers. The Tel Aviv-based security shop has tracked “hundreds” of attempts to exploit a handful of bugs in IP cameras made by two manufacturers, Hikvision and Dahua, ...
- CIMB refutes claims of data breach involving 1.2 million records
March 4, 2026
CIMB Group Holdings Bhd has given assurance that claims circulating online about a data breach involving its customers are false and that customer data continues to be protected. The financial services provider said on social media platform X that its security teams have verified that all systems are secure and that customer data remains fully safeguarded. ...