Malware Archives • Page 11 of 129 • Daily CyberSecurity

The CAPTCHA Trap: How a Global ‘ClickFix’ Campaign Weaponizes WordPress to Drain Digital Wallets ClickFix Campaign WordPress Malware

The CAPTCHA Trap: How a Global ‘ClickFix’ Campaign Weaponizes WordPress to Drain Digital Wallets

Ddos March 18, 2026

In a sophisticated new campaign active since late 2025, a mysterious threat actor has been turning the...

The Resume Trap: How ‘BlackSanta’ Malware Uses Fake CVs to Blind EDRs and Hijack HR Systems Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

The Resume Trap: How ‘BlackSanta’ Malware Uses Fake CVs to Blind EDRs and Hijack HR Systems

Ddos March 18, 2026

Aryaka Threat Labs has unmasked a sophisticated malware operation dubbed BlackSanta. This Russian-speaking threat actor has spent...

Pandora’s Box: IBM X-Force Uncovers Likely AI-Generated “Slopoly” Malware Weaponizable AI AI Cyber Threats

Pandora’s Box: IBM X-Force Uncovers Likely AI-Generated “Slopoly” Malware

Ddos March 18, 2026

Cybersecurity investigators at IBM X-Force have identified a disturbing new milestone in the evolution of digital threats:...

GlassWorm Abuses VS Code Extensions to Fuel Supply Chain Attacks GlassWorm Malware Open VSX Supply Chain

GlassWorm Abuses VS Code Extensions to Fuel Supply Chain Attacks

Ddos March 17, 2026

The threat actor known as GlassWorm has significantly escalated its operations, pivoting from simple malicious listings to...

Weaponized Browsers: How the ‘DRILLAPP’ Backdoor Turns Microsoft Edge into an Espionage Tool DRILLAPP Backdoor Browser Exploitation

Weaponized Browsers: How the ‘DRILLAPP’ Backdoor Turns Microsoft Edge into an Espionage Tool

Ddos March 17, 2026

Cybersecurity researchers at LAB52, the threat intelligence arm of S2 Group, have uncovered a novel campaign targeting...

Malicious Packagist Themes Target Vietnamese OphimCMS Sites with Trojanized JS OphimCMS Malware Packagist Supply Chain Attack

Malicious Packagist Themes Target Vietnamese OphimCMS Sites with Trojanized JS

Ddos March 17, 2026

Cybersecurity investigators at Socket’s Threat Research Team have sounded the alarm after discovering a cluster of malicious...

Backdoored React Native Packages Target Developers with Crypto-Stealing Malware PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

Backdoored React Native Packages Target Developers with Crypto-Stealing Malware

Ddos March 16, 2026

The JavaScript development community is on high alert following a coordinated supply chain attack targeting two popular...

Weaponizing Conflict: ThreatLabz Exposes Mustang Panda’s Rapid PlugX Campaign in the Middle East Mustang Panda PlugX Backdoor

Weaponizing Conflict: ThreatLabz Exposes Mustang Panda’s Rapid PlugX Campaign in the Middle East

Ddos March 16, 2026

Recently, cybersecurity researchers at ThreatLabz have uncovered a new campaign by a China-nexus threat actor. The operation,...

‘PixRevolution’ Android Trojan Hijacks Brazil’s PIX in Real-Time PixRevolution Android Banking Trojan

‘PixRevolution’ Android Trojan Hijacks Brazil’s PIX in Real-Time

Ddos March 16, 2026

Cybersecurity experts at Zimperium’s zLabs have unmasked a high-stakes mobile threat named “PixRevolution,” a novel Android banking...

The End of the Static Era: Trellix Uncovers Fully Fileless Remcos RAT Campaign Remcos RAT Fileless Malware

The End of the Static Era: Trellix Uncovers Fully Fileless Remcos RAT Campaign

Ddos March 16, 2026

In the ever-evolving arms race between hackers and defenders, the “static” era is officially over. A new...

The Shotgun Approach: BitSight Exposes RondoDox Botnet’s Rapid-Fire 174-Exploit Arsenal Targeting IoT RondoDox Botnet BitSight IoT Security

The Shotgun Approach: BitSight Exposes RondoDox Botnet’s Rapid-Fire 174-Exploit Arsenal Targeting IoT

Ddos March 16, 2026

As the Internet of Things (IoT) ecosystem swells toward an estimated 41.1 billion connected devices by 2030,...

Blitz Brigantine Weaponizes Email Bombing and DNS MX Records to Deploy AOBackdoor Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Blitz Brigantine Weaponizes Email Bombing and DNS MX Records to Deploy AOBackdoor

Ddos March 16, 2026

Cybersecurity experts at BlueVoyant have uncovered a sophisticated evolution in the tactics of the threat group known...

Silence of the Hops: The KadNap Botnet Conscripts 14,000 Routers KadNap Botnet Asus Routers

Silence of the Hops: The KadNap Botnet Conscripts 14,000 Routers

Ddos March 15, 2026

Cybersecurity researchers at Black Lotus Labs, the threat intelligence arm of Lumen Technologies, have unmasked a sophisticated...

Unit 42 Unmasks CL-STA-1087’s Years-Long Cyber Espionage Against Asian Militaries UNC5221 HAFNIUM Extradition PRC State Espionage

Unit 42 Unmasks CL-STA-1087’s Years-Long Cyber Espionage Against Asian Militaries

Ddos March 13, 2026

Security researchers at Unit 42 have pulled back the curtain on a sophisticated espionage cluster they’ve dubbed...

The “CrashFix” Evolution: KongTuke’s New Playbook for Enterprise Infiltration UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

The “CrashFix” Evolution: KongTuke’s New Playbook for Enterprise Infiltration

Ddos March 13, 2026

A recent deep-dive investigation from Trend Micro Managed Detection and Response (MDR) has unmasked the evolving tactics...

TaxiSpy RAT: New Android Banking Trojan Targets Russian Financial Sector Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

TaxiSpy RAT: New Android Banking Trojan Targets Russian Financial Sector

Ddos March 13, 2026

A highly sophisticated Android Banking Trojan has emerged, combining traditional financial theft with advanced Remote Access Trojan...

The Mutable Tag Trap: Critical 9.4 CVSS Attack on Xygeni GitHub Action Exposes CI/CD Pipelines Xygeni Tag Poisoning CVE-2026-31976

The Mutable Tag Trap: Critical 9.4 CVSS Attack on Xygeni GitHub Action Exposes CI/CD Pipelines

Ddos March 12, 2026

In a sophisticated supply chain manipulation, the xygeni-action GitHub Action was recently targeted by a critical “tag...

Gaslighting Android: How the ‘Digital Lutera’ Attack Uses LSPosed to Bypass UPI SIM-Binding UPI SIM-Binding Bypass LSPosed Framework

Gaslighting Android: How the ‘Digital Lutera’ Attack Uses LSPosed to Bypass UPI SIM-Binding

Ddos March 12, 2026

According to a critical new report from CloudSEK, threat actors have moved beyond simple app modifications to...

The Sleeper in Your Toolbar: How a “Featured” Chrome Extension Turned Into a Full-Scale Infostealer ShotBird extension malware

The Sleeper in Your Toolbar: How a “Featured” Chrome Extension Turned Into a Full-Scale Infostealer

Ddos March 12, 2026

A once-reputable Chrome extension has been caught moonlighting as a sophisticated malware delivery vehicle. ShotBird, a tool...

Malicious npm Package “pino-sdk-v2” Caught Harvesting Secrets pino-sdk-v2 npm Supply Chain Attack

Malicious npm Package “pino-sdk-v2” Caught Harvesting Secrets

Ddos March 11, 2026

In the modern development landscape, supply chain attacks remain one of the most effective ways for threat...

Critical Alert 1 Active Exploit Detected Today