Malware Archives • Daily CyberSecurity

Mistic Backdoor Linked to Ransomware Access Broker Mistic backdoor malware and ransomware access broker diagram

Mistic Backdoor Linked to Ransomware Access Broker

Do Son June 27, 2026

At a glance Malware Family: Backdoor.Mistic Threat Actor: Suspected Woodgnat (aka KongTuke) Target or Victims: Insurance, education,...

Langflow Cryptominer Malware Exploits CVE-2026-33017 hack

Langflow Cryptominer Malware Exploits CVE-2026-33017

Do Son June 27, 2026

At least 39 rival malware families appear on a kill list used by a new Langflow cryptominer...

OXLOADER Malware Loader Spreads CASTLESTEALER via Fake Node.js Ads TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

OXLOADER Malware Loader Spreads CASTLESTEALER via Fake Node.js Ads

Do Son June 26, 2026

At a Glance Malware family OXLOADER (loader) delivering CASTLESTEALER (.NET infostealer) Threat actor Unnamed; suspected Russian-speaking and...

Remcos RAT delivered by a steganographic loader hidden in a bitmap image

Remcos RAT Delivered by a Steganographic Loader in Phishing Emails

Do Son June 26, 2026

At a Glance Malware family Remcos RAT (final payload), via a multi-stage .NET loader chain Threat actor...

Windows Crypto Clipper Malware Exposed digital-hacker

Windows Crypto Clipper Malware Exposed

Do Son June 25, 2026

Microsoft Threat Intelligence discovered a new cryptocurrency stealer affecting users since February 2026. This Windows crypto clipper...

Vidar ABE Bypass Technique Steals Browser Keys Vidar ABE bypass technique flowchart showing how Vidar infostealer malware extracts keys

Vidar ABE Bypass Technique Steals Browser Keys

Do Son June 25, 2026

Gen Digital researchers recently discovered a new Vidar ABE bypass technique. The Vidar infostealer malware extracts the...

Rokarolla Android banking trojan executing a device takeover

Rokarolla Android Banking Trojan Steals Financial Data

Do Son June 25, 2026

At a Glance Malware Family: Rokarolla Android banking trojan Threat Actor: Unknown Targets or Victims: 217 cryptocurrency...

Crypto Clipboard Hijacker Hides Behind Fake Stars and Upvotes Check Point exposed a crypto clipboard hijacker spread by fake Ghost Networks. The Rust clipper swaps wallet addresses to steal crypto. Stay alert.

Check Point exposed a crypto clipboard hijacker spread by fake Ghost Networks. The Rust clipper swaps wallet addresses to steal crypto. Stay alert.

Crypto Clipboard Hijacker Hides Behind Fake Stars and Upvotes

Do Son June 24, 2026

At a Glance Malware family Rust clipboard hijacker (clipper), Windows and macOS Threat actor Single operator tied...

SmartRAT ClickFix Campaign Identified the-security

SmartRAT ClickFix Campaign Identified

Do Son June 24, 2026

At a Glance Malware Family: SmartRAT (also tracked as Banana RAT) Threat Actor: Suspected Brazilian cybercriminal groups...

macOS ClickFix AppleScript stealer diagram showing the Meow macOS stealer infection chain

macOS ClickFix AppleScript Stealer Hijacks Crypto Wallets

Do Son June 23, 2026

At a Glance Malware Family: Meow macOS stealer (AppleScript-based infostealer and RAT) Threat Actor: Suspected Russian-speaking attacker...

Dropping Elephant Malware: China-Themed Loader Campaign Analyzed Dropping Elephant malware China-themed loader and in-memory RAT diagram

Dropping Elephant Malware: China-Themed Loader Campaign Analyzed

Do Son June 23, 2026

Threat researchers have uncovered a new Dropping Elephant malware attack using an advanced fileless mechanism. Rapid7 recently...

AryStinger Malware Attacks Routers via CVE-2013-3307 AryStinger malware infection chain exploiting CVE-2013-3307

AryStinger Malware Attacks Routers via CVE-2013-3307

Do Son June 23, 2026

Security researchers at QiAnXin XLab discovered over 4,300 legacy routers infected globally. They named this new threat...

Malicious Steam Wallpapers Spread Malware to Gamers Malicious Steam wallpapers targeting the Wallpaper Engine app

Malicious Steam Wallpapers Spread Malware to Gamers

Do Son June 22, 2026

At a Glance Malware Family: Various (DarkKomet, infostealers, crypto miners) Threat Actor: Suspected multiple independent hacking groups...

SHEETCREEP Malware Abuses Google Sheets API for Command-and-Control security-de

SHEETCREEP Malware Abuses Google Sheets API for Command-and-Control

Do Son June 22, 2026

At a glance Malware family SHEETCREEP (SHEET#CREEP), C# .NET RAT Threat actor APT36 / Transparent Tribe (suspected,...

DragonForce Hides Backdoor C2 Inside Microsoft Teams TURN Relays digital-hacker

DragonForce Hides Backdoor C2 Inside Microsoft Teams TURN Relays

Do Son June 22, 2026

At a glance Malware family Backdoor.Turn (Go-based RAT) Threat actor DragonForce ransomware, developed by Hackledorb (Symantec attribution)...

ErrTraffic Malware Spreads ClickFix Lures via Hacked WordPress Sites hacker-security

ErrTraffic Malware Spreads ClickFix Lures via Hacked WordPress Sites

Do Son June 22, 2026

At a glance Malware family ErrTraffic (ClickFix distribution framework / TDS, sold as MaaS) Threat actor Sold...

NPM Package Tests AI Malware Scanner Evasion hacker-security

NPM Package Tests AI Malware Scanner Evasion

Do Son June 21, 2026

At a glance Malware Family: shai_hulululud (Protestware/Testing) Threat Actor: Unknown (Suspected researcher or troll) Targets: AI-based malware...

GlassWASM Malware Hidden in Open VSX Extensions code

GlassWASM Malware Hidden in Open VSX Extensions

Do Son June 20, 2026

Security researchers have uncovered GlassWASM malware, a stealthy threat hiding inside trojanized Visual Studio Code extensions. Socket’s...

Interlock and Rhysida Ransomware: IBM X-Force Maps a Shared Ecosystem malware

Interlock and Rhysida Ransomware: IBM X-Force Maps a Shared Ecosystem

Do Son June 19, 2026

A two-year look at a shared ransomware ecosystem IBM X-Force has released long-term research into the Interlock...

APT37 NarwhalRAT Malware: A Python Backdoor Threat APT37 NarwhalRAT malware diagram

APT37 NarwhalRAT Malware: A Python Backdoor Threat

Do Son June 19, 2026

Genians Security Center recently confirmed the continued distribution of compiled Python-based malware. This threat targets Korean users...

Critical Alert 2 Active Exploits Detected Today