Malware

“Matryoshka” Malware: New macOS Attack Hides Inside “Russian Dolls” of Obfuscation OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

“Matryoshka” Malware: New macOS Attack Hides Inside “Russian Dolls” of Obfuscation

Ddos February 16, 2026

Mac users are being targeted by a sophisticated new social engineering campaign that wraps malicious code in...

One Code to Lock Them All: LockBit 5.0 Unifies Attacks on Windows, Linux, and ESXi LockBit LockBit 5.0 Resurgence, ETW Blinding Ransomware

LockBit LockBit 5.0 Resurgence, ETW Blinding Ransomware

One Code to Lock Them All: LockBit 5.0 Unifies Attacks on Windows, Linux, and ESXi

Ddos February 16, 2026

The notorious LockBit ransomware gang has released its latest iteration, LockBit 5.0, marking a significant technical evolution...

OysterLoader: Multi-Stage Loader Evolves to Evade Detection and Deliver Ransomware INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

OysterLoader: Multi-Stage Loader Evolves to Evade Detection and Deliver Ransomware

Ddos February 16, 2026

A detailed analysis by the Sekoia TDR team has shed new light on OysterLoader, a sophisticated malware...

Surveillance for Sale: ZeroDayRAT Turns Phones into Spies via Telegram ZeroDayRAT Mobile Spyware

ZeroDayRAT Mobile Spyware

Surveillance for Sale: ZeroDayRAT Turns Phones into Spies via Telegram

Ddos February 16, 2026

A new and powerful mobile spyware platform has emerged on the cybercrime market, offering sophisticated surveillance capabilities...

Trusted Tool Weaponized: Lotus Blossom Hijacks Notepad++ Updates

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Trusted Tool Weaponized: Lotus Blossom Hijacks Notepad++ Updates

Ddos February 16, 2026

A new report from Unit 42 has exposed a highly targeted supply chain attack that turned one...

Inside Job: Abandoned Outlook Add-in “AgreeTo” Steals 4,000 Credentials Outlook Add-in Phishing AgreeTo Malicious Add-in

Outlook Add-in Phishing AgreeTo Malicious Add-in

Inside Job: Abandoned Outlook Add-in “AgreeTo” Steals 4,000 Credentials

Ddos February 13, 2026

In a disturbing first for enterprise security, researchers at Koi Security have uncovered a malicious Microsoft Outlook...

Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with “Graphalgo” Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with “Graphalgo” Malware

Ddos February 13, 2026

The notorious North Korean hacking syndicate, Lazarus Group, has launched a new, highly sophisticated branch of its...

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks

Ddos February 13, 2026

A new report from Bitdefender has revealed a troubling resurgence in LummaStealer activity, proving that even coordinated...

Back to the Future: SSHStalker Botnet Revives 2009 Tactics to Hijack Linux Servers SSHStalker Botnet Linux IRC Malware

SSHStalker Botnet Linux IRC Malware

Back to the Future: SSHStalker Botnet Revives 2009 Tactics to Hijack Linux Servers

Ddos February 13, 2026

A previously undocumented Linux botnet has been discovered prowling the internet, using a mix of ancient tactics...

The Rise of Vibecoding: AI-Generated Malware Exploits React2Shell Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The Rise of Vibecoding: AI-Generated Malware Exploits React2Shell

Ddos February 12, 2026

A new class of cyberattack has been caught in the wild, one where the code isn’t written...

VoidLink Rising: New “AI-Ready” Malware Framework Targets Linux & IoT VoidLink Framework UAT-9921 Russian hacking group

VoidLink Framework UAT-9921 Russian hacking group

VoidLink Rising: New “AI-Ready” Malware Framework Targets Linux & IoT

Ddos February 12, 2026

A new and sophisticated threat actor has emerged from the shadows, wielding a modular attack framework designed...

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT XWorm RAT Excel Phishing

XWorm RAT Excel Phishing

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT

Ddos February 12, 2026

A new phishing campaign is exploiting an old vulnerability, using malicious Excel files to deploy the potent...

Weaponized Code: LTX Stealer Abuses Node.js to Bypass Antivirus LTX Stealer Node.js Malware

LTX Stealer Node.js Malware

Weaponized Code: LTX Stealer Abuses Node.js to Bypass Antivirus

Ddos February 12, 2026

A new report by CYFIRMA has uncovered a sophisticated credential-stealing campaign that abuses legitimate software frameworks to...

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot

Ddos February 11, 2026

Security researchers have recently unveiled a sophisticated stratagem wherein adversaries gained control of the domain 7zip[.]com to...

Fake CEO, Real Hack: North Korea Uses AI Deepfakes to Steal Crypto UNC1069 Deepfake Attack Cryptocurrency Malware

UNC1069 Deepfake Attack Cryptocurrency Malware

Fake CEO, Real Hack: North Korea Uses AI Deepfakes to Steal Crypto

Ddos February 11, 2026

North Korean threat actors are leveling up their social engineering game, using AI-generated deepfakes and sophisticated malware...

Hiding in the Cloud: GuLoader Malware Evolves to Evade Detection GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Hiding in the Cloud: GuLoader Malware Evolves to Evade Detection

Ddos February 11, 2026

Zscaler ThreatLabz has released a deep-dive analysis of GuLoader (also known as CloudEye), revealing how this long-standing...

Silent Killer: Black Basta Bundles “BYOVD” Driver to Blind Antivirus INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Silent Killer: Black Basta Bundles “BYOVD” Driver to Blind Antivirus

Ddos February 10, 2026

The notorious Black Basta ransomware group has upgraded its arsenal with a dangerous new capability, embedding defense...

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI dYdX Supply Chain Attack Malicious npm Package

dYdX Supply Chain Attack Malicious npm Package

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

Ddos February 10, 2026

A sophisticated supply chain attack has struck the dYdX decentralized exchange protocol, injecting malicious code into official...

Marco Stealer: The New “Data Raider” Targeting Crypto & Cloud Storage PromptMink Campaign AI Agent Deception LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

PromptMink Campaign AI Agent Deception LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

Marco Stealer: The New “Data Raider” Targeting Crypto & Cloud Storage

Ddos February 10, 2026

A new information-stealing malware has entered the chat, and it is aggressively targeting the digital wallets and...

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC

Ddos February 9, 2026

Mac users, often confident in the “walled garden” security of their devices, are facing a new threat...