Malware Archives • Page 18 of 131 • Daily CyberSecurity

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT XWorm RAT Excel Phishing

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT

Do Son February 12, 2026

A new phishing campaign is exploiting an old vulnerability, using malicious Excel files to deploy the potent...

Weaponized Code: LTX Stealer Abuses Node.js to Bypass Antivirus LTX Stealer Node.js Malware

Weaponized Code: LTX Stealer Abuses Node.js to Bypass Antivirus

Do Son February 12, 2026

A new report by CYFIRMA has uncovered a sophisticated credential-stealing campaign that abuses legitimate software frameworks to...

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot

Do Son February 11, 2026

Security researchers have recently unveiled a sophisticated stratagem wherein adversaries gained control of the domain 7zip[.]com to...

Fake CEO, Real Hack: North Korea Uses AI Deepfakes to Steal Crypto UNC1069 Deepfake Attack Cryptocurrency Malware

Fake CEO, Real Hack: North Korea Uses AI Deepfakes to Steal Crypto

Do Son February 11, 2026

North Korean threat actors are leveling up their social engineering game, using AI-generated deepfakes and sophisticated malware...

Hiding in the Cloud: GuLoader Malware Evolves to Evade Detection GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Hiding in the Cloud: GuLoader Malware Evolves to Evade Detection

Do Son February 11, 2026

Zscaler ThreatLabz has released a deep-dive analysis of GuLoader (also known as CloudEye), revealing how this long-standing...

Silent Killer: Black Basta Bundles “BYOVD” Driver to Blind Antivirus INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Silent Killer: Black Basta Bundles “BYOVD” Driver to Blind Antivirus

Do Son February 10, 2026

The notorious Black Basta ransomware group has upgraded its arsenal with a dangerous new capability, embedding defense...

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI dYdX Supply Chain Attack Malicious npm Package

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

Do Son February 10, 2026

A sophisticated supply chain attack has struck the dYdX decentralized exchange protocol, injecting malicious code into official...

Marco Stealer: The New “Data Raider” Targeting Crypto & Cloud Storage PromptMink Campaign AI Agent Deception LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

PromptMink Campaign AI Agent Deception LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

Marco Stealer: The New “Data Raider” Targeting Crypto & Cloud Storage

Do Son February 10, 2026

A new information-stealing malware has entered the chat, and it is aggressively targeting the digital wallets and...

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC

Do Son February 9, 2026

Mac users, often confident in the “walled garden” security of their devices, are facing a new threat...

The “All-in-One” Spy: DKnife Malware Hijacks Routers to Swap Downloads DKnife Malware Router AitM Framework

The “All-in-One” Spy: DKnife Malware Hijacks Routers to Swap Downloads

Do Son February 9, 2026

A powerful new cyber weapon has been discovered lurking in routers and edge devices, capable of monitoring...

“JackMa” & ShadowGuard: TGR-STA-1030 Spies on 37 Nations via Linux Rootkit TGR-STA-1030 Espionage ShadowGuard Rootkit

“JackMa” & ShadowGuard: TGR-STA-1030 Spies on 37 Nations via Linux Rootkit

Do Son February 9, 2026

A massive, state-aligned cyber espionage campaign has quietly infiltrated government networks across 37 countries, targeting ministries of...

Stan Ghouls Target Uzbekistan and Russia with NetSupport RAT Stan Ghouls (Bloody Wolf) NetSupport RAT

Stan Ghouls Target Uzbekistan and Russia with NetSupport RAT

Do Son February 9, 2026

A cybercriminal group with a taste for local languages and a toolkit of “legitimate” software has launched...

APT28 Weaponizes Office Flaw to Spy on NATO & Military NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

APT28 Weaponizes Office Flaw to Spy on NATO & Military

Do Son February 9, 2026

The notorious Russian state-sponsored group APT28 (also known as Fancy Bear) has launched a sophisticated new espionage...

Silent Army: SystemBC Botnet Infects 10,000+ IPs & Government Networks Global distribution of IP addresses map

Silent Army: SystemBC Botnet Infects 10,000+ IPs & Government Networks

Do Son February 9, 2026

A massive, silent army of compromised devices has been uncovered by researchers, revealing a sprawling botnet that...

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT CrashFix Malware ClickFix Campaign

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT

Do Son February 6, 2026

A dangerous evolution of the “ClickFix” social engineering campaign has been spotted in the wild, using a...

Phantom in the Machine: Inside Salt Typhoon’s “SnappyBee” Backdoor axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Phantom in the Machine: Inside Salt Typhoon’s “SnappyBee” Backdoor

Do Son February 6, 2026

A new technical analysis by Darktrace has peeled back the layers of SnappyBee (also known as Deed...

Stealth Injection: Silver Fox APT Upgrades “ValleyRat” with Rare PoolParty Tech Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

Stealth Injection: Silver Fox APT Upgrades “ValleyRat” with Rare PoolParty Tech

Do Son February 6, 2026

A new wave of malware disguised as popular software installers is sweeping through the Chinese-speaking community, deploying...

Macs Under Siege: New Infostealers Spread via WhatsApp & Fake Apps OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

Macs Under Siege: New Infostealers Spread via WhatsApp & Fake Apps

Do Son February 6, 2026

A sweeping new analysis by the Microsoft Defender Security Research Team reveals a rapidly evolution in the...

Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy “Chrysalis” Lotus Blossom Chrysalis Notepad++ Compromise

Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy “Chrysalis”

Do Son February 5, 2026

The notorious Chinese state-sponsored threat group Lotus Blossom has resurfaced with a dangerous new toolkit, compromising the...

“Can You Hear Me?” BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

“Can You Hear Me?” BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS

Do Son February 5, 2026

A routine business call turned into a nightmare for one macOS user after North Korean state-sponsored hackers...