Weedhack Turns Minecraft Curiosity Into a Credential-Grabging Business

A subscription-style malware operation tied to Minecraft lures shows how fake mod sites, search poisoning, and social promotion can be turned into a repeatable theft pipeline.

Fake AI Logins Are the New Front Door for Credential Thieves

Attackers are leaning on the trust attached to familiar AI brands, steering users from search results and ads into counterfeit sign-in pages built to collect credentials.

Search Hijack: Fake Claude Code Pages Turn a Routine Install Into a Malware Trap

A reported SEO poisoning campaign impersonates the Claude Code setup path, showing how developer trust in search results can become an entry point for infostealers.

Fake AI Installer Pages Turn Search Traffic Into a Malware Trap

A search-led impersonation of Claude Code shows how modern social engineering can turn setup curiosity into an execution path for a reported .NET infostealer.

When a Mod Looks Like a Trap: WeedHack Turns Minecraft Curiosity into Malware Delivery

A Minecraft-focused malware campaign is using fake mods, search manipulation, and tutorial videos to pull players toward malicious Java archives.

When Search and Video Became the Delivery Route for a Minecraft Malware Lure

WeedHack is being circulated through YouTube and SEO poisoning, a reminder that attackers increasingly target the way users discover downloads, not just the files themselves.

From Job Lures to Hidden Loaders: The Stealth Shift Behind Nimbus Manticore

A reported IRGC-linked actor is being tied to MiniFast, a backdoor that highlights how modern espionage campaigns now blend social engineering, search manipulation, and trusted software paths.

Phishing Meets Search Poisoning in a New MiniFast and MiniJunk V2 Push

A reported Iran-nexus campaign blends inbox lures with manipulated search visibility, widening the path to malicious Windows payloads while keeping attribution careful and incomplete.

Search Results Became the Trap: Fake AI CLI Installers Turn Developer Curiosity Into Risk

Counterfeit installers posing as Gemini CLI and Claude Code show how search manipulation can become a delivery channel for malware, even when the underlying products are not the target.

The Search Trap Behind Fake AI Installers

A spoofed Gemini CLI download path shows how attackers can turn ordinary developer search habits into a delivery channel for malware.

Search Results Became the Bait in a New Software-Download Ambush

A lure built around SQL Developer shows how a threat cluster can turn user search intent into a delivery channel for malware, without relying on email at all.

Search Results as a Delivery Pipe: The Fake SQL Developer Lure Behind a New Poisoned-SEO Campaign

A suspected nation-state-linked operation used search manipulation and a fake developer tool as the bait, showing how software discovery can become the first step in compromise.

Fake AI Tool Downloads Turn Search Results Into a Developer Trap

A lure built around Gemini CLI and Claude Code shows how SEO poisoning can funnel developers toward a fileless PowerShell infostealer.

When Search Becomes the Installer: The New Trap for AI Developers

A reported SEO-poisoning campaign impersonating Gemini CLI and Claude Code shows how a familiar “copy the command” workflow can become a malware delivery path.

Search Results Became the Trap: Fake Admin Tool Downloads Pushed Kong RAT

A malware campaign reportedly turned routine searches for FinalShell and Xshell into a delivery path for Kong RAT, showing how trust in download pages can become an entry point for remote control.

Shadow in the Search Results: How EtherRAT Hunts Enterprise Admins with Blockchain and Deception

A new malware campaign leverages SEO, GitHub, and Ethereum to quietly seize control of high-value enterprise systems.

Hijacked Searches: Cybercriminals Exploit Microsoft Tools to Remotely Invade Your PC

New attack campaign uses search engine deception and trusted Windows binaries to sneak remote-control software onto unsuspecting victims’ computers.

Click, Download, Compromise: How SEO Poisoning Is Turning Trusted Apps Into Trojan Horses

A new wave of cyberattacks hijacks popular software downloads through search engine manipulation, silently delivering powerful remote-access malware to unsuspecting users.

Search Engine Sabotage: How Fake App Downloads Are Delivering Cyber Espionage Tools

Under the Hood of a Digital Heist: How Storm-2561 Hijacks Search Results to Steal Your VPN Credentials

Cybercriminals weaponize search engines and fake VPN clients to harvest sensitive login data in a new wave of credential theft.