
Cyber Security Headlines: CISA warns of app break-ins, StealC V2 spread through Blender files, Russian entrepreneur arrested for treason
Nov 26, 2025
CISA issues a warning about state-backed actors hijacking messaging apps with spoofed versions. New findings reveal StealC V2 malware spreading through weaponized Blender files. A Russian entrepreneur faces treason charges after criticizing a state-backed messaging app. Meanwhile, account takeover fraud has resulted in a staggering $262 million in losses. Attackers are also exploiting vulnerabilities in legacy devices from SonicWall, showcasing the ever-evolving landscape of cyber threats.
Messaging Apps Are Targeted At The Device Level
- CISA warns that state-backed groups and mercenaries hijack Signal and WhatsApp using spoofed apps, phishing, QR codes, and zero-click exploits.
- High-value users across the U.S., Europe, and the Middle East are primary targets for these device-level compromises.
3D Files Used As Malware Delivery Vehicles
- Morphisec found StealC v2 spreading via weaponized Blender files uploaded to 3D model sites like CGTrader.
- The malware uses embedded Python to run a PowerShell loader that installs an info stealer and a secondary Python stealer.
StealC Targets Browsers And Wallet Extensions
- StealC v2 can exfiltrate data from 23+ browsers and 100+ crypto wallet extensions plus messaging and VPN clients.
- Many samples evade antivirus detection, increasing the risk to users with exposed browser extensions and wallets.
