Notícias

EDRi launches new resource to document abuses and support a full ban on spyware in Europe

Spyware continues to spread across Europe despite years of scandals and undisputable evidence of fundamental rights violations. As the European Commission remains inactive, civil society, journalists and some lawmakers at the European Parliament are stepping up pressure for accountability. In this context, EDRi is launching a document pool to centralise resources that tracks abuse and support the growing push for a full EU-wide ban of spyware. The post EDRi launches new resource to document abuses and support a full ban on spyware in Europe appeared first on European Digital Rights (EDRi).

VoidLink shows how one developer used AI to build a powerful Linux malware

VoidLink is a cloud-focused Linux malware, likely built by one person using AI, offering loaders, implants, rootkit evasion, and modular plugins. Check Point researchers uncovered VoidLink, a cloud-focused Linux malware framework likely built by a single developer with help from an AI model. VoidLink includes custom loaders, implants, rootkit-based evasion features, and dozens of plugins […]

EDRi-gram, 21 January 2026

What has the EDRi network been up to over the past few weeks? Find out the latest digital rights news in our bi-weekly newsletter. In this edition: EDRi's 2025 year in review, new resource to support an EU spyware ban, DSA delayed in Poland, & more! The post EDRi-gram, 21 January 2026 appeared first on European Digital Rights (EDRi).

VoidLink cloud malware shows clear signs of being AI-generated

The recently discovered cloud-focused VoidLink malware framework is believed to have been developed by a single person with the help of an artificial intelligence model. [...]

ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT

Huntress discovers 'CrashFix,' a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware.

PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion

Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigation of a network intrusion attempt that was successfully prevented by a Fortune 100 energy corporation. The threat actor contacted their staff, impersonating technical support, and used social […]

APT-Grade PDFSider Malware Used by Ransomware Groups

Providing cyberespionage and remote code execution capabilities, the malware is executed via DLL sideloading. The post APT-Grade PDFSider Malware Used by Ransomware Groups appeared first on SecurityWeek.

New PDFSider Windows malware deployed on Fortune 100 firm's network

Ransomware attackers targeting a Fortune 100 company in the finance sector used a new malware strain, dubbed PDFSider, to deliver malicious payloads on Windows systems. [...]

StealC malware control panel flaw leaks details on active attacker

Researchers uncovered an XSS flaw in StealC malware's control panel, exposing key details about a threat actor using the info stealer. StealC is an infostealer that has been active since at least 2023, sold as Malware-as-a-Service to steal cookies and passwords. In 2025, its operators released StealC v2, but the web panel quickly leaked and […]

Researchers Uncover PDFSIDER Malware Built for Long-Term, Covert System Access

New malware PDFSIDER enables covert, long-term access to compromised systems via advanced techniques