Malware Archives • Page 19 of 131 • Daily CyberSecurity

Open VSX Hijacked: “GlassWorm” Malware Poisons VS Code Extensions

Do Son February 5, 2026

A sophisticated supply chain attack has struck the open-source ecosystem, leveraging compromised developer credentials to inject malware...

Digital Ghost: “PhantomVAI” Malware Revives Decade-Old RunPE Tricks PhantomVAI Loader RunPE Malware

Digital Ghost: “PhantomVAI” Malware Revives Decade-Old RunPE Tricks

Do Son February 4, 2026

In a digital landscape often obsessed with the “newest” and “most sophisticated” zero-day exploits, a new report...

Invisible Intruder: “ShadowHS” Malware Weaponizes Hackshell on Linux ShadowHS Malware Linux Fileless Intrusion

Invisible Intruder: “ShadowHS” Malware Weaponizes Hackshell on Linux

Do Son February 4, 2026

Cyble Research & Intelligence Labs (CRIL) has uncovered a sophisticated Linux intrusion chain dubbed ShadowHS, a campaign...

TAMECAT Exposed: APT42’s Fileless Backdoor Targets Defense Chiefs AI Fraud Schemes TAMECAT Malware APT42 Espionage

TAMECAT Exposed: APT42’s Fileless Backdoor Targets Defense Chiefs

Do Son February 4, 2026

A sophisticated espionage campaign targeting senior defense and government officials has been linked to APT42, an Iranian...

AI Hub Hijacked: Polymorphic Android RAT Abuses Hugging Face to Steal Data BadBox 2.0, Android Botnet Alien spyware - CVE-2024-43093

AI Hub Hijacked: Polymorphic Android RAT Abuses Hugging Face to Steal Data

Do Son February 4, 2026

In a troubling convergence of trusted developer infrastructure and cybercrime, Bitdefender researchers have uncovered a sophisticated Android...

Game Over: Interlock Ransomware Weaponizes Anti-Cheat Zero-Day to Kill EDR Interlock Ransomware Anti-Cheat BYOVD

Game Over: Interlock Ransomware Weaponizes Anti-Cheat Zero-Day to Kill EDR

Do Son February 4, 2026

A sophisticated ransomware group known as Interlock is turning the tables on defenders by weaponizing a tool...

The “Go Client” Trap: Why Your RustDesk ID is Currently Under Automated Botnet Siege RustDesk "Go Client" botnet

The “Go Client” Trap: Why Your RustDesk ID is Currently Under Automated Botnet Siege

Do Son February 3, 2026

The renowned open-source remote access utility, RustDesk, was besieged in late January 2026 by an automated campaign...

Grid Sabotage: “Static Tundra” Hits Poland’s Energy Sector with DynoWiper DynoWiper Malware Middle East Cyberwar, Cyber Operations

Grid Sabotage: “Static Tundra” Hits Poland’s Energy Sector with DynoWiper

Do Son February 3, 2026

The critical infrastructure of Poland’s energy sector has come under sustained fire from a sophisticated threat actor...

Trojan AI: OpenClaw “Skills” Marketplace Flooded with Malware OpenClaw Supply Chain Attack Malicious AI Skills

Trojan AI: OpenClaw “Skills” Marketplace Flooded with Malware

Do Son February 3, 2026

The booming ecosystem of personal AI agents has hit its first major security speed bump. VirusTotal has...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Fancy Bear Returns: APT28 Exploits Office Flaw in “Operation Neusploit”

Do Son February 3, 2026

The notorious Russia-linked threat group APT28 (also known as Fancy Bear) has resurfaced with a sophisticated new...

The “IClickFix” Trap: 3,800+ WordPress Sites Poisoned by Fake CAPTCHAs IClickFix Framework WordPress Watering Hole

The “IClickFix” Trap: 3,800+ WordPress Sites Poisoned by Fake CAPTCHAs

Do Son February 3, 2026

A massive wave of “watering hole” attacks has turned thousands of legitimate WordPress websites into traps for...

IIS Under Siege: UAT-8099 Deploys Region-Locked “BadIIS” & Linux Variants UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

IIS Under Siege: UAT-8099 Deploys Region-Locked “BadIIS” & Linux Variants

Do Son February 2, 2026

A sophisticated cyber campaign targeting Internet Information Services (IIS) servers across Asia has evolved with new, highly...

Signed & Stolen: “Phantom Stealer” Hijacks Java App via Fake DHL Invoice Xloader Malware Information Stealer Phantom Stealer v3.5.0 DLL Sideloading Attack

Xloader Malware Information Stealer Phantom Stealer v3.5.0 DLL Sideloading Attack

Signed & Stolen: “Phantom Stealer” Hijacks Java App via Fake DHL Invoice

Do Son February 2, 2026

A sophisticated new malware campaign is turning the trust of legitimate software against users, weaponizing a signed...

Wrapped in Stealth: Python RAT Hides Inside ELF Binary to Evade Detection Python-based RAT Adaptive Beaconing

Wrapped in Stealth: Python RAT Hides Inside ELF Binary to Evade Detection

Do Son February 2, 2026

In a landscape often dominated by complex, state-sponsored malware, a new threat has emerged that proves simplicity...

AI-Coded Malware: Vietnamese “Huna” Actor Targets Job Seekers with PureRAT AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AI-Coded Malware: Vietnamese “Huna” Actor Targets Job Seekers with PureRAT

Do Son February 2, 2026

A new wave of cyberattacks has been detected targeting job seekers worldwide, driven by a Vietnamese threat...

“Update” to Nightmare: eScan Antivirus Hacked to Distribute Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

“Update” to Nightmare: eScan Antivirus Hacked to Distribute Malware

Do Son January 30, 2026

Security researchers at Morphisec have uncovered a massive compromise affecting eScan, an enterprise antivirus solution developed by...

Spies in the Spreadsheet: “Sheet Attack” Uses Google Sheets & AI to Target India Iranian Hacktivists Operation Epic Fury Cyber New Generation Warfare Russian Hybrid Escalation Plex data breach Water Systems Cybersecurity - Threat Actor Naming Standard

Iranian Hacktivists Operation Epic Fury Cyber New Generation Warfare Russian Hybrid Escalation Plex data breach Water Systems Cybersecurity - Threat Actor Naming Standard

Spies in the Spreadsheet: “Sheet Attack” Uses Google Sheets & AI to Target India

Do Son January 29, 2026

A sophisticated cyberespionage operation targeting the Indian government has been exposed, revealing a disturbing evolution in how...

Fake AI Assistant: Malicious “ClawdBot” Extension Hides Trojan in VS Code ClawdBot Malware VS Code Trojan

Fake AI Assistant: Malicious “ClawdBot” Extension Hides Trojan in VS Code

Do Son January 29, 2026

The viral popularity of AI coding assistants has attracted a new kind of predator. On January 27,...

The “Fake CAPTCHA” Trap: Malware Hides in Google Calendar & Images CloudComputating - QSC framework

The “Fake CAPTCHA” Trap: Malware Hides in Google Calendar & Images

Do Son January 29, 2026

It starts with a simple, annoying verification box: “I am not a robot.” But a new campaign...

HoneyMyte Evolved: Spies Use Pixeldrain & CoolClient for Real-Time Surveillance HoneyMyte Espionage CoolClient Backdoor

HoneyMyte Evolved: Spies Use Pixeldrain & CoolClient for Real-Time Surveillance

Do Son January 28, 2026

The persistent and sophisticated espionage group known as HoneyMyte (also tracked as Mustang Panda or Bronze President)...