"Those infected devices are actively trying to spread malicious code," researchers said.
Cybercriminals managed to infiltrate the site and install maliciously modified copies of the Firefox, OnyX and Deeper applications.
The social media influencers included in this database, mostly young and female, span across the globe from France to the rest of Europe and the US.
Similar to other ransomware, Scarabey demands a Bitcoin payment from victims after infecting their system and encrypting all files.
Trend Micro has observed hackers abusing session-replay scripts to view what a victim does on every site they visit during a browsing session.
The FBI has identified four variations of the scam that claimed the recipient has been a victim of a fraud scheme or a cybercrime.
The malware includes a slightly modified Gh0st remote access trojan designed to act as a backdoor that researchers said is "very similar" to attacks linked to the Iron Tiger group.
Smart sex toys made by German company 'Amor Gummiwaren GmbH' contained multiple security vulnerabilities that could let hackers remotely take control of vibrators.
BeeToken has confirmed the phishing attacks, warning users to be wary of emails and Telegram messages asking for funds.
"It is interesting to see a new ransomware being distributed via exploit kits in what so far seems to be a few ongoing campaigns," researchers said.
The bot spreads using the NSA's EternalBlue exploit that was leaked by the hacking group Shadow Brokers in April last year.
A post-Brexit intelligence-sharing agreement is vital to ensure British and European security, the former heads of MI6 and GCHQ have said.
Google Play store riddled with malware and viruses but elite engineers promise work underway to clean up shop.
Experts found that the highest number of leaked credentials, 555,000 credentials, came from the financial sector.
Since it is fileless and uses legitimate system software, researchers say it is "difficult, if not impossible" for companies to detect and block it.
Car-sharing company GoGet's CEO, Tristan Sender, said they did not notify affected customers sooner based on the "strong advice" of NSW police.
The UK government's surveillance regime used by intelligence agencies to collect internet activity and phone records is unlawful, judges ruled Tuesday (30 January).
"Timing is the only thing that links the two so far," a cybersecurity expert said.
"We have observed another instance where a threat actor looks to be using political events to target individuals or organizations within the Palestine region," researchers said.