Malware Archives • Page 31 of 129 • Daily CyberSecurity

LockBit 5.0 Ransomware: Cross-Platform Evolution Targets Windows, Linux, and ESXi LockBit 5.0, Cross-Platform Ransomware

LockBit 5.0 Ransomware: Cross-Platform Evolution Targets Windows, Linux, and ESXi

Do Son September 27, 2025

Trend Research has released an in-depth analysis of LockBit 5.0, the latest evolution of one of the...

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys Rust Crypto Stealer, Typosquatting Attack

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys

Do Son September 26, 2025

Socket’s Threat Research Team has uncovered a supply chain attack involving two malicious Rust crates—faster_log and async_println—that...

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days

Do Son September 26, 2025

Google Threat Intelligence Group (GTIG) and Mandiant Consulting have released new findings on BRICKSTORM, a backdoor malware...

New Lone None Stealer Malware Hijacks Crypto Wallets via Fake Copyright Takedown Notices BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

New Lone None Stealer Malware Hijacks Crypto Wallets via Fake Copyright Takedown Notices

Do Son September 26, 2025

Cofense Intelligence has uncovered an evolving phishing campaign that uses copyright takedown notices as its primary lure....

New LNK Malware Uses Windows LOLBins to Evade Detection Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

New LNK Malware Uses Windows LOLBins to Evade Detection

Do Son September 25, 2025

Researchers at K7 Security Labs have uncovered a new wave of Windows shortcut (.LNK) malware that exploits...

Hidden Backdoors in WordPress: How Attackers Use Fake Plugins and Core Files for Persistent Access Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Hidden Backdoors in WordPress: How Attackers Use Fake Plugins and Core Files for Persistent Access

Do Son September 25, 2025

Security researcher Puja Srivastava from Sucuri uncovered two malicious files designed to guarantee persistent attacker access by...

ShadowV2: How a New DDoS Botnet Mimics Cloud-Native Apps ShadowV2, DDoS

ShadowV2: How a New DDoS Botnet Mimics Cloud-Native Apps

Do Son September 25, 2025

Researchers at Darktrace have identified a sophisticated new campaign that merges traditional malware techniques with modern DevOps...

New Malware “YiBackdoor” Linked to IcedID and Latrodectus LokiBot Steganography, .NET Loader PlugX malware YiBackdoor, ransomware

New Malware “YiBackdoor” Linked to IcedID and Latrodectus

Do Son September 24, 2025

Researchers at Zscaler ThreatLabz have uncovered a new malware family, dubbed YiBackdoor, first observed in June 2025....

Zloader Resurfaces: Stealthier Trojan Evolves with DNS Tunneling and WebSocket C2 Zloader, ransomware

Zloader Resurfaces: Stealthier Trojan Evolves with DNS Tunneling and WebSocket C2

Do Son September 24, 2025

After nearly two years of silence, Zloader (a.k.a. Terdot, DELoader, or Silent Night) has returned with new...

BlockBlasters: When a Steam Game Turns Into a Malware Delivery Vehicle WAGO, vulnerability, industrial automation BlockBlasters, Steam malware Baxter Life2000 Ventilation System - CVE-2024-48966

WAGO, vulnerability, industrial automation BlockBlasters, Steam malware Baxter Life2000 Ventilation System - CVE-2024-48966

BlockBlasters: When a Steam Game Turns Into a Malware Delivery Vehicle

Do Son September 23, 2025

What began as a promising indie platformer has turned into one of the most alarming cases of...

Banking Trojans Masquerading as Government and Payment Apps Target Android Users in Southeast Asia Android banking trojan, BankBot

Banking Trojans Masquerading as Government and Payment Apps Target Android Users in Southeast Asia

Do Son September 23, 2025

Since August 2024, a financially motivated threat group has been targeting Indonesian and Vietnamese Android users with...

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs ConnectWise ScreenConnect, RMM tool abuse

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs

Do Son September 23, 2025

A new report from Hunt Intelligence reveals how attackers are abusing ConnectWise ScreenConnect (formerly ConnectWise Control) to...

SystemBC Botnet Evolves Into High-Volume VPS Proxy Network, Powering Criminal Ecosystem Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

SystemBC Botnet Evolves Into High-Volume VPS Proxy Network, Powering Criminal Ecosystem

Do Son September 23, 2025

The Black Lotus Labs team at Lumen Technologies has uncovered major new infrastructure behind the SystemBC botnet,...

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups

Do Son September 22, 2025

Researchers at Silent Push have identified a newly emerging malware loader dubbed CountLoader, which they assess to...

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials

Do Son September 22, 2025

Zscaler ThreatLabz has uncovered yet another supply chain attack against the Python Package Index (PyPI). In August...

GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws

Do Son September 22, 2025

Researchers from the Sophos Counter Threat Unit (CTU) have published new intelligence on a rising ransomware group...

CISA Warns of Malicious Listener Malware Exploiting Ivanti Endpoint Manager Mobile Cisco VPN Zero-Day, ASA Vulnerability Ivanti Vulnerabilities Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

Cisco VPN Zero-Day, ASA Vulnerability Ivanti Vulnerabilities Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

CISA Warns of Malicious Listener Malware Exploiting Ivanti Endpoint Manager Mobile

Do Son September 19, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new Malware Analysis Report (MAR) detailing how...

XillenStealer: New Open-Source Malware Lowers Cybercrime Barrier XillenStealer, open-source malware

XillenStealer: New Open-Source Malware Lowers Cybercrime Barrier

Do Son September 19, 2025

CYFIRMA has released a detailed threat intelligence assessment of XillenStealer, an emerging open-source, Python-based malware family that...

North Korean Hackers Evolve Tactics with New Malware Campaign North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean Hackers Evolve Tactics with New Malware Campaign

Do Son September 19, 2025

GitLab Threat Intelligence has published a detailed analysis of a new malware campaign linked to North Korean...

FileFix: A New Attack Hides Malware in Plain Sight FBI email system hack

FileFix: A New Attack Hides Malware in Plain Sight

Do Son September 18, 2025

Researchers from Acronis’ Threat Research Unit (TRU) have uncovered a rare in-the-wild FileFix campaign, marking the first...