A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets.
Initial access is obtained through the ClickFix technique by hijacking the clipboard and tricking the user into executing a malicious PowerShell command.
According to researchers at cybersecurity company Gen Digital, Torg Grabber is actively developed, with 334 unique samples compiled in three months (between December 2025 and February 2026) and new command-and-control (C2) servers registered every week.
A new exploit kit for iOS devices and delivery framework dubbed “DarkSword” has been used to steal a wide range of personal information, including data from cryptocurrency wallet apps.
DarkSword targets iPhones running iOS 18.4 through 18.7 and is linked to multiple actors, including UNC6353, suspected to be Russian, who used the Coruna exploit chain disclosed earlier this month.
Researchers at mobile security company Lookout discovered DarkSword while investigating the infrastructure used for the Coruna attacks. Google’s Threat Intelligence Group and iVerify also collaborated for a more comprehensive analysis of this previously unknown threat and the adversaries leveraging it.
A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store.
The malware combines banking trojan functions with Monero mining, and can steal credentials, as well as tamper with cryptocurrency transactions.
Kaspersky researchers discovered BeatBanker in campaigns targeting users in Brazil. They also found that the most recent version of the malware deploys the commodity Android remote access trojan called BTMOB RAT, instead of the banking module.
A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker traffic through victims’ browsers.
The attack leverages Progressive Web App (PWA) features and social engineering to deceive users into believing they are interacting with a legitimate Google Security web page and inadvertently installing the malware.
PWAs run in the browser and can be installed from a website, just like a standalone regular application, which is displayed in its own window without any visible browser controls.
Cybersecurity researchers have disclosed what they say is an active “Shai-Hulud-like” supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to enable credential harvesting and cryptocurrency key theft.
The campaign has been codenamed SANDWORM_MODE by supply chain security company Socket. As with prior Shai-Hulud attack waves, the malicious code embedded into the packages comes with capabilities to siphon system information, access tokens, environment secrets, and API keys from developer environments and automatically propagate by abusing stolen npm and GitHub identities to extend its reach.
“The sample retains Shai-Hulud hallmarks and adds GitHub API exfiltration with DNS fallback, hook-based persistence, SSH propagation fallback, MCP server injection with embedded prompt injection targeting AI coding assistants, and LLM API Key harvesting,” the company said.
The rapid advancement of technologies, particularly AI, is driving the world towards an economic singularity where the marginal cost of essentials approaches zero, leading to a deflationary future and a potential transformation of traditional systems and societies ##
## Questions to inspire discussion.
Education Transformation.
🎓 Q: How will AI reduce education time while improving effectiveness?
A: AI will customize education to each child’s learning style, reducing daily learning time to 1 hour per day while delivering 5 times more effective learning compared to traditional methods, with costs falling to zero within 3–5 years and breaking the university industry that currently creates massive student debt.
Healthcare Revolution.
A mysterious, extremely energetic particle, known as the Amaterasu particle, was detected coming from a distant region of space, and scientists have proposed explanations for its origin, potentially tracing it back to a starburst galaxy like Messier 82 ##
## Questions to inspire discussion.
Understanding Ultra-High Energy Cosmic Rays.
🔬 Q: What makes the Amaterasu particle exceptionally powerful? A: The Amaterasu particle detected in Utah in 2021 carries energy 40 million times higher than anything produced on Earth, equivalent to a baseball traveling at 100 km/h compressed into a single subatomic particle, making it one of the most energetic particles ever detected.
Solving the Origin Mystery.
🎯 Q: Where did scientists determine the Amaterasu particle actually originated? A: A 2026 study by Max Planck Institute scientists using approximate Bayesian computation and 3D magnetic field simulations traced the particle’s origin to a starburst galaxy like Messier 82, located 12 million light-years away, rather than the initially suspected local void with only six known galaxies.
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group.
The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It’s assessed to be active since May 2025.
“Developers are approached via social platforms like LinkedIn and Facebook, or through job offerings on forums like Reddit,” ReversingLabs researcher Karlo Zanki said in a report. “The campaign includes a well-orchestrated story around a company involved in blockchain and cryptocurrency exchanges.”
Support this channel on Patreon to help me make this a full time job: https://www.patreon.com/whatdamath (Unreleased videos, extra footage, DMs, no ads)
Alternatively, PayPal donations can be sent here: http://paypal.me/whatdamath.
Get a Wonderful Person Tee: https://teespring.com/stores/whatdamath.
More cool designs are on Amazon: https://amzn.to/3QFIrFX
Hello and welcome! My name is Anton and in this video, we will talk about a strange electrostatic world of tiny organisms.
Links:
https://www.pnas.org/doi/epdf/10.1073/pnas.2503555122
https://www.cell.com/action/showPdf?pii=S0960-9822%2823%2900674-7
http://cell.com/current-biology/fulltext/S0960-9822(23)00772-8
Other videos:
#biology #science #electrostatics.
0:00 Static phenomena and electrostatic ecology.
1:50 Pollen and bees.
3:00 Flying spiders and ballooning.
4:10 Ticks.
4:40 Electrosensation.
5:40 Worms and jumping.
7:50 Worm parasites.
9:50 Practical applications and aeroplankton.
Enjoy and please subscribe.
Bitcoin/Ethereum to spare? Donate them here to help this channel grow!
bc1qnkl3nk0zt7w0xzrgur9pnkcduj7a3xxllcn7d4
or ETH: 0x60f088B10b03115405d313f964BeA93eF0Bd3DbF
The hardware used to record these videos: