Notícias

Wireshark 4.6.4 resolves dissector flaws, plugin compatibility issue

Packet inspection remains a routine activity across enterprise networks, incident response workflows, and malware investigations. Continuous use places long-term stability and parsing accuracy at the center of daily operations. Wireshark version 4.6.4 addresses two vulnerabilities affecting protocol dissectors and resolves a plugin compatibility issue within the 4.6 release series. Dissector vulnerabilities resolved The update fixes a crash in the HTTP3 dissector and an infinite loop in the MEGACO dissector. Both flaws could interrupt analysis activity … More → The post Wireshark 4.6.4 resolves dissector flaws, plugin compatibility issue appeared first on Help Net Security.

Hottest cybersecurity open-source tools of the month: February 2026

This month's roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Pompelmi: Open-source secure file upload scanning for Node.js Software teams building services in JavaScript are adding more layers of defense to handle untrusted file uploads. An open-source project called Pompelmi aims to insert malware scanning and policy checks directly into Node.js applications before files reach storage or business logic. Allama: Open-source AI security automation Allama is an … More → The post Hottest cybersecurity open-source tools of the month: February 2026 appeared first on Help Net Security.

Malware Analysis: How to Analyze and Understand Malware

Malware analysis is an amazing field that can be interesting, fun, and useful for your cybersecurity career. If you're wondering WHY anyone would want to dig into malware, it's all for a better understanding of cybersecurity! The post Malware Analysis: How to Analyze and Understand Malware appeared first on Black Hills Information Security, Inc..

$300 a Month Android Malware 'Oblivion' Uses Fake Updates to Hijack Phones

Cybersecurity researchers at Certo reveal Oblivion, a new Android Trojan targeting major brands like Samsung and Xiaomi. It bypasses security to steal passwords and bank codes.

Medical Device Maker UFP Technologies Hit by Cyberattack

UFP Technologies appears to have been targeted in a ransomware attack that involved data theft and file-encrypting malware. The post Medical Device Maker UFP Technologies Hit by Cyberattack appeared first on SecurityWeek.

Self-spreading npm malware targets developers in new supply chain attack

Security researchers have uncovered another supply chain attack targeting developers: 19 typosquatting npm packages published on npmjs.com that steal credentials, infect projects, and propagate themselves across developer environments. The operation, dubbed “SANDWORM_MODE,” represents a (still) rare example of worm-like malware designed to spread through software supply chains rather than traditional end-user systems. New npm worm builds on Shai-Hulud's playbook After last year's bombshell appearance of the self-replicating “Shai-Hulud” worm on the official npm registry, the … More → The post Self-spreading npm malware targets developers in new supply chain attack appeared first on Help Net Security.

New 'Sandworm_Mode' Supply Chain Attack Hits NPM

The malicious code propagates like a worm, poisons AI assistants, exfiltrates secrets, and contains a destructive dead switch. The post New 'Sandworm_Mode' Supply Chain Attack Hits NPM appeared first on SecurityWeek.

New ZeroDayRAT Malware Claims Full Monitoring of Android and iOS Devices

Meet ZeroDayRAT, a newly advertised malware targeting Android and iOS devices with surveillance, location tracking, and crypto theft tools sold via Telegram as a MaaS service.

'Arkanix Stealer' Malware Disappears Shortly After Debut

Written in C++ and Python, the malware exfiltrates system information, browser data, and steals files. The post 'Arkanix Stealer' Malware Disappears Shortly After Debut appeared first on SecurityWeek.

Fake CAPTCHA attacks exploded by 563% last year: How to spot them and stay safe online

You might not think of a CAPTCHA check as a cybercrime lure, but if you fall prey to one, you may become infected with malware. Learn how to spot them with our guide.