Malware Archives • Page 33 of 131 • Daily CyberSecurity

Olymp Loader: New Assembly-Based MaaS Is a Turnkey Solution for Low-Tier Cybercriminals Olymp Loader, MaaS

Olymp Loader: New Assembly-Based MaaS Is a Turnkey Solution for Low-Tier Cybercriminals

Do Son September 30, 2025

A new Malware-as-a-Service (MaaS) offering, dubbed Olymp Loader, is rapidly gaining traction in underground markets. First spotted...

TamperedChef Malware Rises: Deceptive Apps Use Signed Binaries and SEO Poisoning to Hijack Browsers Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

TamperedChef Malware Rises: Deceptive Apps Use Signed Binaries and SEO Poisoning to Hijack Browsers

Do Son September 29, 2025

Field Effect’s Threat Intelligence team has uncovered a new wave of the TamperedChef malware campaign, leveraging digitally...

New Phishing Campaign Impersonates Ukrainian Police to Deliver Amatera Stealer and PureMiner SVG Phishing, Ukraine Malware

New Phishing Campaign Impersonates Ukrainian Police to Deliver Amatera Stealer and PureMiner

Do Son September 29, 2025

FortiGuard Labs recently observed a phishing campaign impersonating Ukrainian government agencies, designed to deliver multiple malware payloads...

Akira Ransomware Exploits SonicWall VPN Accounts With Lightning-Fast Intrusions Akira ransomware affiliates Akira Ransomware, SonicWall VPN

Akira ransomware affiliates Akira Ransomware, SonicWall VPN

Akira Ransomware Exploits SonicWall VPN Accounts With Lightning-Fast Intrusions

Do Son September 29, 2025

Arctic Wolf has observed a major uptick in Akira ransomware activity since late July 2025, with attackers...

From Infostealer to Full RAT: Huntress Uncovers a Multi-Stage Malware Attack Deploying PureRAT AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

From Infostealer to Full RAT: Huntress Uncovers a Multi-Stage Malware Attack Deploying PureRAT

Do Son September 29, 2025

Huntress has published a detailed investigation into a recent intrusion campaign that began as a Python-based infostealer...

XCSSET macOS Malware Evolves: New Variant Targets Firefox, Hijacks Clipboard for Crypto Theft OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

XCSSET macOS Malware Evolves: New Variant Targets Firefox, Hijacks Clipboard for Crypto Theft

Do Son September 29, 2025

Microsoft Threat Intelligence has identified yet another variant of the XCSSET malware, a long-running macOS threat targeting...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Morte Botnet Unveiled: A Rapidly Growing Loader-as-a-Service Campaign Exploiting Routers and Enterprise Apps

Do Son September 29, 2025

Researchers at CloudSEK Threat Intelligence (TRIAD) have exposed a sophisticated botnet operation that systematically compromises SOHO routers,...

Russia-Linked COLDRIVER Group Expands Toolset, Using New Malware in ClickFix Espionage Campaign ThinkPHP Vulnerabilities

Russia-Linked COLDRIVER Group Expands Toolset, Using New Malware in ClickFix Espionage Campaign

Do Son September 29, 2025

Zscaler ThreatLabz has uncovered a new multi-stage ClickFix campaign attributed with moderate confidence to the Russia-linked advanced...

LockBit 5.0 Ransomware: Cross-Platform Evolution Targets Windows, Linux, and ESXi LockBit 5.0, Cross-Platform Ransomware

LockBit 5.0 Ransomware: Cross-Platform Evolution Targets Windows, Linux, and ESXi

Do Son September 27, 2025

Trend Research has released an in-depth analysis of LockBit 5.0, the latest evolution of one of the...

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys Rust Crypto Stealer, Typosquatting Attack

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys

Do Son September 26, 2025

Socket’s Threat Research Team has uncovered a supply chain attack involving two malicious Rust crates—faster_log and async_println—that...

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days

Do Son September 26, 2025

Google Threat Intelligence Group (GTIG) and Mandiant Consulting have released new findings on BRICKSTORM, a backdoor malware...

New Lone None Stealer Malware Hijacks Crypto Wallets via Fake Copyright Takedown Notices BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

New Lone None Stealer Malware Hijacks Crypto Wallets via Fake Copyright Takedown Notices

Do Son September 26, 2025

Cofense Intelligence has uncovered an evolving phishing campaign that uses copyright takedown notices as its primary lure....

New LNK Malware Uses Windows LOLBins to Evade Detection Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

New LNK Malware Uses Windows LOLBins to Evade Detection

Do Son September 25, 2025

Researchers at K7 Security Labs have uncovered a new wave of Windows shortcut (.LNK) malware that exploits...

Hidden Backdoors in WordPress: How Attackers Use Fake Plugins and Core Files for Persistent Access Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Hidden Backdoors in WordPress: How Attackers Use Fake Plugins and Core Files for Persistent Access

Do Son September 25, 2025

Security researcher Puja Srivastava from Sucuri uncovered two malicious files designed to guarantee persistent attacker access by...

ShadowV2: How a New DDoS Botnet Mimics Cloud-Native Apps ShadowV2, DDoS

ShadowV2: How a New DDoS Botnet Mimics Cloud-Native Apps

Do Son September 25, 2025

Researchers at Darktrace have identified a sophisticated new campaign that merges traditional malware techniques with modern DevOps...

New Malware “YiBackdoor” Linked to IcedID and Latrodectus LokiBot Steganography, .NET Loader PlugX malware YiBackdoor, ransomware

New Malware “YiBackdoor” Linked to IcedID and Latrodectus

Do Son September 24, 2025

Researchers at Zscaler ThreatLabz have uncovered a new malware family, dubbed YiBackdoor, first observed in June 2025....

Zloader Resurfaces: Stealthier Trojan Evolves with DNS Tunneling and WebSocket C2 Zloader, ransomware

Zloader Resurfaces: Stealthier Trojan Evolves with DNS Tunneling and WebSocket C2

Do Son September 24, 2025

After nearly two years of silence, Zloader (a.k.a. Terdot, DELoader, or Silent Night) has returned with new...

BlockBlasters: When a Steam Game Turns Into a Malware Delivery Vehicle WAGO, vulnerability, industrial automation BlockBlasters, Steam malware Baxter Life2000 Ventilation System - CVE-2024-48966

WAGO, vulnerability, industrial automation BlockBlasters, Steam malware Baxter Life2000 Ventilation System - CVE-2024-48966

BlockBlasters: When a Steam Game Turns Into a Malware Delivery Vehicle

Do Son September 23, 2025

What began as a promising indie platformer has turned into one of the most alarming cases of...

Banking Trojans Masquerading as Government and Payment Apps Target Android Users in Southeast Asia Android banking trojan, BankBot

Banking Trojans Masquerading as Government and Payment Apps Target Android Users in Southeast Asia

Do Son September 23, 2025

Since August 2024, a financially motivated threat group has been targeting Indonesian and Vietnamese Android users with...

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs ConnectWise ScreenConnect, RMM tool abuse

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs

Do Son September 23, 2025

A new report from Hunt Intelligence reveals how attackers are abusing ConnectWise ScreenConnect (formerly ConnectWise Control) to...