Malware Archives • Page 34 of 129 • Daily CyberSecurity

Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks

Do Son September 2, 2025

Fox-IT and NCC Group have released a detailed joint analysis exposing how a Lazarus Group subgroup continues...

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer ChaCha20 Cipher

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer

Do Son September 2, 2025

For over a year, Huntress researchers have been tracking the rise of ClickFix attacks, a form of...

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC AI Waifu RAT, social engineering

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC

Do Son September 2, 2025

Security researcher Ryingo has released a detailed analysis of a new malware strain dubbed the “AI Waifu...

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets

Do Son September 1, 2025

Researchers from Socket’s Threat Research Team have uncovered a dangerous npm package, nodejs-smtp, that impersonates the widely...

Fraudulent Scholarship Apps: A New Malware Campaign Targets Students in Bangladesh SikkahBot, Android malware

Fraudulent Scholarship Apps: A New Malware Campaign Targets Students in Bangladesh

Do Son September 1, 2025

Cyble Research and Intelligence Labs (CRIL) has uncovered a new Android malware campaign dubbed SikkahBot, which has...

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions

Do Son September 1, 2025

ReversingLabs researchers have uncovered a dangerous loophole in the Visual Studio Code (VS Code) Marketplace that allows...

Trojan Horse: A Fake PDF Editor Is Actually a Malware-Laden Backdoor PDF Editor, malware

Trojan Horse: A Fake PDF Editor Is Actually a Malware-Laden Backdoor

Do Son August 31, 2025

Security researchers at G DATA Security Lab have exposed the AppSuite PDF Editor as a malware-laden backdoor,...

A Deceptive Ad on Facebook Is Spreading Advanced Android Malware malvertising, Android malware

A Deceptive Ad on Facebook Is Spreading Advanced Android Malware

Do Son August 30, 2025

Bitdefender Labs has issued a new warning about a global malvertising campaign abusing Meta’s advertising system to...

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months MystRodX, stealthy backdoor

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months

Do Son August 30, 2025

XLab has identified a previously unknown and stealthy backdoor dubbed MystRodX, capable of operating undetected in compromised...

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe Interlock ransomware, double extortion

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe

Do Son August 29, 2025

The AhnLab Security Emergency Response Center (ASEC) has published new research on the Interlock ransomware group, which...

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx Sinobi Group, ransomware

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx

Do Son August 29, 2025

Recently, eSentire’s Threat Response Unit (TRU) investigated a ransomware attack that it has attributed to an affiliate...

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC ScreenConnect, XWorm RAT

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC

Do Son August 29, 2025

The SpiderLabs Threat Hunt Team at Trustwave has discovered a malicious campaign abusing AI-themed branding to trick...

PromptLock: A New AI-Powered Ransomware Strain Creates Unique, Elusive Scripts AI ransomware, PromptLock Against Ransomware - RECOPE Ransomware Attack

AI ransomware, PromptLock Against Ransomware - RECOPE Ransomware Attack

PromptLock: A New AI-Powered Ransomware Strain Creates Unique, Elusive Scripts

Do Son August 28, 2025

The cybersecurity company ESET has released a report detailing its latest discovery: an artificial intelligence–driven ransomware strain...

Hook v3: The Banking Trojan That’s Evolving into a Hybrid Ransomware-Spyware Threat Hook malware, Android trojan

Hook v3: The Banking Trojan That’s Evolving into a Hybrid Ransomware-Spyware Threat

Do Son August 27, 2025

The zLabs research team at Zimperium has uncovered a dangerous new evolution of the Hook Android banking...

Google Threat Intelligence Exposes UNC6384’s Stealthy Espionage Campaign UNC6384, cyber-espionage

Google Threat Intelligence Exposes UNC6384’s Stealthy Espionage Campaign

Do Son August 27, 2025

Google Threat Intelligence Group (GTIG) uncovered a complex, multi-stage cyber-espionage campaign attributed to the PRC-linked threat actor...

SpyNote’s New Lure: The Stealthy Campaign Using Fake App Stores Android RAT, SpyNote

SpyNote’s New Lure: The Stealthy Campaign Using Fake App Stores

Do Son August 27, 2025

Researchers at DomainTools have uncovered a persistent SpyNote Android Remote Access Trojan (RAT) campaign, where threat actors...

FortiGuard Labs Uncovers Global Phishing Campaign Using UpCrypter to Deploy RATs Phishing campaign, UpCrypter

FortiGuard Labs Uncovers Global Phishing Campaign Using UpCrypter to Deploy RATs

Do Son August 26, 2025

FortiGuard Labs has uncovered a rapidly spreading phishing campaign that leverages carefully crafted emails and fake websites...

Beyond Banks: Android Malware Is Getting Smarter to Bypass Google Play Protect CVE-2023-20951 Honor Update

Beyond Banks: Android Malware Is Getting Smarter to Bypass Google Play Protect

Do Son August 26, 2025

Droppers—seemingly harmless apps that secretly deliver malware—have long been a key part of Android cybercrime. But according...

Expel Uncovers Malicious PUP Ecosystem Masquerading as Free Utility Apps Potentially unwanted program, residential proxy

Expel Uncovers Malicious PUP Ecosystem Masquerading as Free Utility Apps

Do Son August 26, 2025

For years, potentially unwanted programs (PUPs) have been associated with nuisance-level behavior—displaying ads, installing toolbars, or collecting...

A New Linux Malware Hides in Plain Sight by Weaponizing File Names Linux-filenames

A New Linux Malware Hides in Plain Sight by Weaponizing File Names

Do Son August 25, 2025

Linux has long been considered a fortress of security—a preferred platform for developers, system administrators, and security...