Malware Archives • Page 20 of 131 • Daily CyberSecurity

“Gopher Strike”: New Pakistan-Linked Cyber Campaigns Target Indian Government Zyxel security - Mitel MiCollab Vulnerability

“Gopher Strike”: New Pakistan-Linked Cyber Campaigns Target Indian Government

Do Son January 28, 2026

A sophisticated new wave of cyberespionage campaigns targeting the Indian government has been exposed, utilizing custom-built tools...

Stealth in Script: “PeckBirdy” Framework Powers New Wave of China-Aligned Attacks CVE-2024-22394

Stealth in Script: “PeckBirdy” Framework Powers New Wave of China-Aligned Attacks

Do Son January 27, 2026

A sophisticated new cyberweapon has been spotted in the arsenals of China-aligned Advanced Persistent Threat (APT) groups,...

“G_Wagon” Malware Hides in Fake NPM UI Library to Steal Cloud Keys Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

“G_Wagon” Malware Hides in Fake NPM UI Library to Steal Cloud Keys

Do Son January 27, 2026

It looked like just another UI library. “ansi-universal-ui” promised to be a “lightweight, modular UI component system...

Hijacking the Hackers: Researchers Sinkhole “KazakRAT” Espionage Campaign KazakRAT Espionage State-Affiliated Malware

Hijacking the Hackers: Researchers Sinkhole “KazakRAT” Espionage Campaign

Do Son January 27, 2026

A persistent, suspected state-affiliated cyber espionage campaign targeting government and financial entities in Kazakhstan and Afghanistan has...

The CAPTCHA Trap: ClearFake Malware Tricks Users Into Hacking Themselves axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

The CAPTCHA Trap: ClearFake Malware Tricks Users Into Hacking Themselves

Do Son January 27, 2026

A sophisticated malware campaign is turning a standard security verification step into a trap. Security researchers at...

Trusted Tool, Hidden Threat: Official EmEditor Installer Hijacked to Push Malware EmEditor Supply Chain Attack Trojanized Installer

Trusted Tool, Hidden Threat: Official EmEditor Installer Hijacked to Push Malware

Do Son January 27, 2026

A compromised installer for EmEditor, a text editor trusted by developers worldwide, has been used to distribute...

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code

Do Son January 26, 2026

Cyber spies aligned with North Korea are now weaponizing a tool beloved by developers worldwide—Visual Studio Code—to...

“Osiris” Rises: New Ransomware Targets Southeast Asian Food Giant with Advanced Tactics Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

“Osiris” Rises: New Ransomware Targets Southeast Asian Food Giant with Advanced Tactics

Do Son January 26, 2026

A new ransomware family, borrowing the name of the ancient Egyptian god of the dead, has emerged...

“SymPy” Imposter: Typosquatting Attack Turns Math Library into Crypto Miner sympy-dev Malware PyPI Supply Chain Attack

“SymPy” Imposter: Typosquatting Attack Turns Math Library into Crypto Miner

Do Son January 23, 2026

A deceptive new supply chain attack has been uncovered in the Python ecosystem, where a malicious package...

Mac Users Beware: “MacSync” Malware Tricks You Into Hacking Yourself MacSync Malware macOS ClickFix

Mac Users Beware: “MacSync” Malware Tricks You Into Hacking Yourself

Do Son January 23, 2026

A sophisticated new malware campaign is targeting macOS users with a lethal combination of social engineering and...

Bandwidth Bandits: Fake Notepad++ Installers Hide “Proxyjacking” Malware Proxyjacking Larva-25012

Bandwidth Bandits: Fake Notepad++ Installers Hide “Proxyjacking” Malware

Do Son January 22, 2026

A new wave of cyberattacks is targeting users looking for free software, turning their computers into unwilling...

GitHub & Dropbox Weaponized: “Defendnot” Tool Used to Disable Windows Defender Defendnot Abuse Multi-Stage Malware Campaign

GitHub & Dropbox Weaponized: “Defendnot” Tool Used to Disable Windows Defender

Do Son January 22, 2026

A sophisticated multi-stage malware campaign has been uncovered targeting users in Russia, blending social engineering with a...

“Contagious” Code: North Korean Hackers Infiltrate Developer Workflows via Visual Studio Code BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

“Contagious” Code: North Korean Hackers Infiltrate Developer Workflows via Visual Studio Code

Do Son January 21, 2026

The “Contagious Interview” campaign, a sophisticated cyber-espionage operation attributed to North Korean (DPRK) threat actors, has evolved...

Hidden in Plain Site: PURELOGS Stealer Hides Malware in Archive.org Images PURELOGS Stealer Archive.org Phishing

Hidden in Plain Site: PURELOGS Stealer Hides Malware in Archive.org Images

Do Son January 21, 2026

A seemingly innocuous pharmaceutical invoice in your inbox could be the first step in a sophisticated four-stage...

VoidLink: The First Advanced Malware Framework Architected Entirely by AI NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

VoidLink: The First Advanced Malware Framework Architected Entirely by AI

Do Son January 21, 2026

In a new report, Check Point Research (CPR) has unveiled “VoidLink,” a sophisticated malware framework that wasn’t...

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions KTLVdoor backdoor - CoffeeLoader Malware

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions

Do Son January 21, 2026

The tools that software developers trust most are being turned against them in a sophisticated new malware...

Discord Spy: SolyxImmortal Malware Uses Webhooks for Stealthy Theft SolyxImmortal Malware Python Info-Stealer Discord Webhook C2, Supply Chain Abuse

SolyxImmortal Malware Python Info-Stealer Discord Webhook C2, Supply Chain Abuse

Discord Spy: SolyxImmortal Malware Uses Webhooks for Stealthy Theft

Do Son January 20, 2026

A newly identified Python-based malware, SolyxImmortal, is making the rounds in underground channels, offering a “monolithic” surveillance...

Malformed & Dangerous: Gootloader Returns with New Ransomware Ties Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Malformed & Dangerous: Gootloader Returns with New Ransomware Ties

Do Son January 20, 2026

After a mysterious hiatus, the notorious Gootloader malware has resurfaced with a vengeance, sporting a new alliance...

PDFSIDER Discovered: New APT Malware Uses DLL Side-Loading to Evade Detection PDFSIDER Malware DLL Side-Loading

PDFSIDER Discovered: New APT Malware Uses DLL Side-Loading to Evade Detection

Do Son January 20, 2026

A new and sophisticated malware variant dubbed PDFSIDER has been unearthed by researchers at Resecurity, marking the...

Operation Poseidon: Konni APT Hijacks Google & Naver Ads for Malware Operation Poseidon Konni APT

Operation Poseidon: Konni APT Hijacks Google & Naver Ads for Malware

Do Son January 20, 2026

In a deep-dive analysis released by Genians Security Center, researchers have exposed “Operation Poseidon,” a sophisticated campaign...