Malware

Spy vs. Spy: Predator Malware Now Hunts the Researchers OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

Spy vs. Spy: Predator Malware Now Hunts the Researchers

Do Son January 20, 2026

The commercial spyware industry isn’t just building tools to spy on victims; they are building tools to...

Trojanized PDF Editor: “TamperedChef” Campaign Bypasses Windows SmartScreen TamperedChef Malvertising AppSuite PDF Editor

TamperedChef Malvertising AppSuite PDF Editor

Trojanized PDF Editor: “TamperedChef” Campaign Bypasses Windows SmartScreen

Do Son January 20, 2026

A sophisticated new malvertising campaign dubbed TamperedChef has been serving up more than just productivity tools to...

Fake Windows Executables Target macOS: Inside the “MonetaStealer” Discovery MonetaStealer macOS Malware

MonetaStealer macOS Malware

Fake Windows Executables Target macOS: Inside the “MonetaStealer” Discovery

Do Son January 20, 2026

A bizarre new threat has emerged on the macOS landscape, one that relies on a classic misconception...

Fake Malwarebytes Campaign Exploits DLL Sideloading to Drop Infostealers GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Fake Malwarebytes Campaign Exploits DLL Sideloading to Drop Infostealers

Do Son January 19, 2026

A new and sophisticated malware campaign masquerading as legitimate software installers has been uncovered. In a recent...

DragonForce: The Rise of a New “Ransomware Cartel” Built on LockBit and Conti DNA INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

DragonForce: The Rise of a New “Ransomware Cartel” Built on LockBit and Conti DNA

Do Son January 19, 2026

A comprehensive new analysis by security researchers at S2W details the inner workings of the DragonForce Ransomware...

Fake Productivity Tools: 5 Malicious Chrome Extensions Hijack Enterprise Sessions Amazon Ads Blocker Affiliate Link Hijacking Malicious browser extensions

Amazon Ads Blocker Affiliate Link Hijacking Malicious browser extensions

Fake Productivity Tools: 5 Malicious Chrome Extensions Hijack Enterprise Sessions

Do Son January 19, 2026

A new and sophisticated campaign targeting enterprise environments has been uncovered by Socket’s Threat Research Team. Five...

Invisible Intruder: Fileless Remcos RAT Hides in Shipping Emails Fileless Remcos RAT Phishing Campaign

Fileless Remcos RAT Phishing Campaign

Invisible Intruder: Fileless Remcos RAT Hides in Shipping Emails

Do Son January 19, 2026

A sophisticated new phishing campaign has been detected in the wild, leveraging a fileless variant of the...

New “LOTUSLITE” Backdoor Targets U.S. Government in Suspected Mustang Panda Campaign Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

New “LOTUSLITE” Backdoor Targets U.S. Government in Suspected Mustang Panda Campaign

Do Son January 19, 2026

A new espionage campaign targeting U.S. government entities has been uncovered, utilizing a custom backdoor dubbed LOTUSLITE....

Keylogger Found Harvesting Credentials on Top US Bank’s Employee Store Bank Employee Store Breach Sansec Keylogger

Bank Employee Store Breach Sansec Keylogger

Keylogger Found Harvesting Credentials on Top US Bank’s Employee Store

Do Son January 17, 2026

Security researchers at Sansec have discovered an active keylogger planted on the employee merchandise store of a...

40,000 Hits in 4 Hours: RondoDox Botnet Storms HPE OneView GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

40,000 Hits in 4 Hours: RondoDox Botnet Storms HPE OneView

Do Son January 16, 2026

Check Point Research uncovered a massive, automated assault on HPE OneView. Researchers observed a botnet launching over...

Trusted Tool Turned Traitor: Signed ‘ahost.exe’ Weaponized to Sideload Malware ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Trusted Tool Turned Traitor: Signed ‘ahost.exe’ Weaponized to Sideload Malware

Do Son January 16, 2026

A routine utility often bundled with developer tools has been weaponized by cybercriminals to bypass security scanners...

SHADOW#REACTOR Malware Builds Remcos RAT via Text Files TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

SHADOW#REACTOR Malware Builds Remcos RAT via Text Files

Do Son January 15, 2026

Security researchers have uncovered a sophisticated new malware framework that is slipping past enterprise defenses by hiding...

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers

Do Son January 14, 2026

A new, highly sophisticated malware framework has emerged from the shadows, specifically engineered to infest the modern...

Spy, Steal, Lock: deVixor Android Trojan Hits Banking & Crypto Users deVixor Malware Android Banking Trojan

deVixor Malware Android Banking Trojan

Spy, Steal, Lock: deVixor Android Trojan Hits Banking & Crypto Users

Do Son January 14, 2026

A sophisticated new threat has emerged in the mobile banking landscape, combining the stealth of a spy...

Malicious Chrome Extension Drains Crypto via Secret API Keys MEXC API Automator Malware Crypto Wallet Drainer

MEXC API Automator Malware Crypto Wallet Drainer

Malicious Chrome Extension Drains Crypto via Secret API Keys

Do Son January 14, 2026

A seemingly helpful tool for cryptocurrency traders has been exposed as a sophisticated wallet-draining trap. Socket’s Threat...

“TryCloudflare” Abuse: AsyncRAT Exploits Free Tunnels to Build Stealthy WebDAV Network AsyncRAT Malware Cloudflare Tunnel Abuse

AsyncRAT Malware Cloudflare Tunnel Abuse

“TryCloudflare” Abuse: AsyncRAT Exploits Free Tunnels to Build Stealthy WebDAV Network

Do Son January 13, 2026

A sophisticated campaign distributing the AsyncRAT Remote Access Trojan is turning a trusted internet service into a...

RustyWater Rising: MuddyWater Drops PowerShell for Stealthy Rust Implants axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

RustyWater Rising: MuddyWater Drops PowerShell for Stealthy Rust Implants

Do Son January 12, 2026

The notorious MuddyWater APT group has overhauled its arsenal, ditching its traditional scripting tools for a sophisticated...

Collateral Damage: Microsoft Defender Blocks Official MAS Script in Malware War Microsoft Activation Scripts block, Trojan:PowerShell/FakeMas.DA!MTB

Microsoft Activation Scripts block, Trojan:PowerShell/FakeMas.DA!MTB

Collateral Damage: Microsoft Defender Blocks Official MAS Script in Malware War

Do Son January 9, 2026

Microsoft is evidently cognizant of the Microsoft Activation Scripts (MAS), a popular open-source utility; moreover, the corporation...

Guloader Malware Rides Wave of Fake Performance Reports Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Guloader Malware Rides Wave of Fake Performance Reports

Do Son January 9, 2026

Cybercriminals are weaponizing workplace anxiety in a new sophisticated phishing campaign. The AhnLab Security Intelligence Center (ASEC)...

NodeCordRAT: The Trojan Hiding in NPM to Steal Crypto via Discord NodeCordRAT NPM Supply Chain Attack

NodeCordRAT NPM Supply Chain Attack

NodeCordRAT: The Trojan Hiding in NPM to Steal Crypto via Discord

Do Son January 9, 2026

The open-source ecosystem has once again been weaponized, this time targeting developers working with cryptocurrency libraries. In...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-42208
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version...
CVE-2018-1273CVSS 9.8
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a...
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-12569
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
CVE-2026-21509CVSS 7.8
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a...
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...