Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.
Category: cybercrime/malcode – Page 6
FBI seeks victims of Steam games used to spread malware
The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing investigation into eight malicious games uploaded to the gaming platform.
In a notice published today by the FBI’s Seattle Division, the agency said it is attempting to identify individuals who were affected after installing one of the malicious games on Steam between May 2024 and January 2026.
“The FBI’s Seattle Division is seeking to identify potential victims installing Steam games embedded with malware. The FBI believes the threat actor primarily targeted users between the timeframe of May 2024 and January 2026,” reads the notice.
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello.
The feature is opt-in and will enter public preview from mid-March through late April 2026 for worldwide tenants. Government cloud environments (GCC, GCC High, and DoD) follow with mid-April through mid-May rollout windows.
Notably, this also extends passwordless sign-in to unmanaged Windows devices, a gap that previously left personal and shared devices relying on password-based authentication.
Google paid $17.1 million for vulnerability reports in 2025
Google paid over $17 million to 747 security researchers who reported security bugs through its Vulnerability Reward Program (VRP) in 2025.
The company says it has awarded over $81.6 million in bug bounties since the first Vulnerability Reward Program went live in 2010, while the highest reward paid last year was of $250,000.
“Our VRP once again confirmed the ongoing value of engaging with the external security research community to make Google and its products safer,” Google said.
AI-generated Slopoly malware used in Interlock ransomware attack
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack.
The breach started with a ClickFix ruse, and in later stages of the attack, the hackers deployed the Slopoly backdoor as a PowerShell script acting as a client for the command-and-control (C2) framework.
IBM X-Force researchers analyzed the script and found strong indicators that it was created using a large language model (LLM), but could not determine which one.