Fake site offers malicious 7-Zip installer with malware

Kiswahili

A fake website is distributing a malicious version of the 7-Zip installer that contains malware. TechRadar warns users that the .com domain is not the official site for 7-Zip. The alert was published on February 11, 2026.

TechRadar has issued a warning about a fraudulent website mimicking the popular file archiver 7-Zip. The site offers a download for what appears to be the legitimate 7-Zip software but is actually laced with malware.

According to the report, users should be cautious because the .com domain—specifically 7zip.com—is not affiliated with the official 7-Zip project. The official website for 7-Zip is hosted elsewhere, and downloading from unverified sources can lead to security risks.

The publication date of this security advisory is February 11, 2026, at 14:55 UTC. No further details on the specific malware or affected versions were provided in the source material.

This incident highlights the importance of verifying software sources before installation to avoid potential threats.

Makala yanayohusiana

Illustration of a developer's desk with a computer screen showing malicious npm packages stealing credentials across platforms, highlighting cybersecurity risks.
Picha iliyoundwa na AI

Malicious npm packages steal developer credentials on multiple platforms

Imeripotiwa na AI Picha iliyoundwa na AI

Ten typosquatted npm packages, uploaded on July 4, 2025, have been found downloading an infostealer that targets sensitive data across Windows, Linux, and macOS systems. These packages, mimicking popular libraries, evaded detection through multiple obfuscation layers and amassed nearly 10,000 downloads. Cybersecurity firm Socket reported the threat, noting the packages remain available in the registry.

Hackers hijack .arpa domain for phishing scams

Attackers have exploited the .arpa internet domain to host malicious websites and deliver phishing links. They use IPv6 and hidden .arpa addresses to disguise URLs and steal user credentials. The scheme was reported by TechRadar on March 2, 2026.

Fake Chrome AI extensions targeted over 300,000 users

Imeripotiwa na AI

Criminals have distributed fake AI extensions in the Google Chrome Web Store to target more than 300,000 users. These tools aim to steal emails, personal data, and other information. The issue highlights ongoing efforts to push surveillance software through legitimate channels.

Teknolojia

Russian cybercriminals release new ransomware

Linux

New SysUpdate malware variant targets Linux systems

Teknolojia

OpenClaw AI agents targeted by infostealer malware for first time

Hackers hijack LinkedIn comments to spread malware

Experts have warned that phishing attacks are now appearing in LinkedIn comments. Hackers are exploiting the platform's comment sections to distribute malware. Users are advised to stay vigilant against suspicious links in these interactions.

Russian hackers exploit Microsoft Office vulnerability days after patch

Imeripotiwa na AI

Russian state-sponsored hackers quickly weaponized a newly patched Microsoft Office flaw to target organizations in nine countries. The group, known as APT28, used spear-phishing emails to install stealthy backdoors in diplomatic, defense, and transport entities. Security researchers at Trellix attributed the attacks with high confidence to this notorious cyber espionage unit.

Threat actors abuse Pastebin for ClickFix scam on crypto swaps

Threat actors are using comments on Pastebin to promote a scam that tricks cryptocurrency users into running malicious JavaScript on Swapzone.io, hijacking Bitcoin transactions. The attack, a variant of ClickFix techniques, redirects funds to attacker-controlled wallets while mimicking legitimate arbitrage profits. This appears to be the first known instance of such a browser-based ClickFix targeting crypto exchanges.

Chinese hackers install backdoors via Cisco email zero-day

Imeripotiwa na AI

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.

Alhamisi, 26. Mwezi wa pili 2026, 01:40:05

The hacker news publishes weekly threatsday bulletin

Ijumaa, 20. Mwezi wa pili 2026, 10:04:38

Massiv android malware targets portuguese users with fake iptv app

Alhamisi, 19. Mwezi wa pili 2026, 13:36:25

Researchers uncover new SysUpdate malware variant targeting Linux

Jumatano, 11. Mwezi wa pili 2026, 07:36:13

Top VPNs targeted by typosquatting with malicious fake domains

Jumanne, 27. Mwezi wa kwanza 2026, 06:48:31

Zombie domains expose Snap Store to supply chain attacks

Alhamisi, 22. Mwezi wa kwanza 2026, 03:56:29

Malicious PyPI package impersonates SymPy to deploy XMRig miner

Jumatano, 21. Mwezi wa kwanza 2026, 17:17:18

Attackers hijack Linux Snap Store apps to steal crypto phrases

Jumanne, 16. Mwezi wa kumi na mbili 2025, 03:32:04

Scammers target Leonardo DiCaprio fans with malware torrent

Jumatano, 5. Mwezi wa kumi na moja 2025, 22:25:46

Russian hackers use Linux VMs to hide malware on Windows

Jumatano, 29. Mwezi wa kumi 2025, 07:35:36

New gentlemen's raas advertised on underground forums

 

 

 

Tovuti hii inatumia vidakuzi

Tunatumia vidakuzi kwa uchambuzi ili kuboresha tovuti yetu. Soma sera ya faragha yetu kwa maelezo zaidi.
Kataa