Malware Archives • Page 35 of 131 • Daily CyberSecurity

Apple Issues New Spyware Alerts for French Officials and Journalists Apple Zero-Day CVE-2025-43529 WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

Apple Zero-Day CVE-2025-43529 WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

Apple Issues New Spyware Alerts for French Officials and Journalists

Do Son September 12, 2025

Apple occasionally issues spyware attack notifications, publicly disclosing on its website which countries or regions have received...

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military

Do Son September 12, 2025

Bitdefender Threat researchers have detailed a new and highly sophisticated fileless malware framework named EggStreme, used by...

BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads

Do Son September 12, 2025

AhnLab researchers have published a technical analysis of BlackNevas, a ransomware group that has been steadily launching...

ToneShell Backdoor Evolves With Anti-Analysis Tricks, Continues Targeting Myanmar ToneShell, Mustang Panda

ToneShell Backdoor Evolves With Anti-Analysis Tricks, Continues Targeting Myanmar

Do Son September 12, 2025

Intezer researchers have released a technical analysis of a new variant of ToneShell, a lightweight backdoor tied...

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

Do Son September 12, 2025

Zscaler ThreatLabz has identified a sophisticated malware campaign active since early May 2025, targeting Chinese-speaking users with...

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible The created ransom note

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible

Do Son September 11, 2025

AhnLab researchers have released an in-depth technical analysis of the CyberVolk ransomware, a strain that has been...

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years

Do Son September 11, 2025

Jamf Threat Labs has uncovered a new variant of the ChillyHell malware family—an advanced, modular backdoor for...

Fake AI Ad Tool “Madgicx Plus” Hijacks Meta Advertiser Accounts LokiBot Steganography, .NET Loader PlugX malware YiBackdoor, ransomware

Fake AI Ad Tool “Madgicx Plus” Hijacks Meta Advertiser Accounts

Do Son September 11, 2025

Cybereason Security Services has uncovered a malicious Chrome extension campaign targeting Meta (Facebook and Instagram) advertisers. Branded...

Luno: A “Self-Healing” Linux Botnet That Mines Crypto and Launches DDoS Attacks Luno botnet, Linux botnet

Luno: A “Self-Healing” Linux Botnet That Mines Crypto and Launches DDoS Attacks

Do Son September 11, 2025

Cyble Research and Intelligence Labs (CRIL) has discovered an active in-the-wild Linux botnet campaign dubbed “Luno,” which...

GONEPOSTAL: New Outlook Backdoor by Russia’s APT28 Uses Email for C2 APT28, GONEPOSTAL

GONEPOSTAL: New Outlook Backdoor by Russia’s APT28 Uses Email for C2

Do Son September 10, 2025

Kroll has identified a new espionage campaign attributed to Russia’s APT28 (Fancy Bear), involving a custom Outlook...

Beyond Cryptominers: A New Malware Strain Is Hijacking Exposed Docker APIs Docker malware, exposed APIs

Beyond Cryptominers: A New Malware Strain Is Hijacking Exposed Docker APIs

Do Son September 10, 2025

The Akamai Hunt Team has discovered a new strain of malware targeting exposed Docker APIs. Unlike earlier...

APT37 Expands Arsenal with Rustonotto Backdoor, PowerShell Chinotto, and FadeStealer North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

APT37 Expands Arsenal with Rustonotto Backdoor, PowerShell Chinotto, and FadeStealer

Do Son September 10, 2025

Zscaler ThreatLabz has uncovered new details about North Korean-aligned threat actor APT37 (also known as ScarCruft, Ruby...

RatOn: The New Android Trojan That Steals Crypto and Uses NFC Relay Attacks RatOn, Android trojan

RatOn: The New Android Trojan That Steals Crypto and Uses NFC Relay Attacks

Do Son September 9, 2025

ThreatFabric has uncovered RatOn, a newly developed Android banking trojan that merges traditional overlay fraud with NFC...

MostereRAT: The New RAT That Is Bypassing Antivirus and EDR Solutions MostereRAT, defense evasion

MostereRAT: The New RAT That Is Bypassing Antivirus and EDR Solutions

Do Son September 9, 2025

FortiGuard Labs has uncovered a sophisticated phishing campaign that deploys a new Remote Access Trojan (RAT) dubbed...

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets Salat Stealer, MaaS

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets

Do Son September 9, 2025

CYFIRMA has released an in-depth analysis of Salat Stealer (also known as WEB_RAT), a sophisticated Go-based malware...

Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials Ethereum, npm supply chain

Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials

Do Son September 9, 2025

Socket’s Threat Research Team has uncovered a coordinated supply chain attack targeting the Ethereum ecosystem through four...

From CastleLoader to CastleRAT: TAG-150’s Multi-Tiered Cyber Arsenal Expands AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

From CastleLoader to CastleRAT: TAG-150’s Multi-Tiered Cyber Arsenal Expands

Do Son September 9, 2025

Security researchers at Insikt Group have uncovered a major advancement in the operations of a newly designated...

NightshadeC2: A New Botnet Is Using “UAC Prompt Bombing” to Bypass Windows Defender NightshadeC2, UAC Prompt Bombing

NightshadeC2: A New Botnet Is Using “UAC Prompt Bombing” to Bypass Windows Defender

Do Son September 8, 2025

Recently, the eSentire Threat Response Unit (TRU) identified a new botnet family dubbed NightshadeC2, deployed through a...

Beyond Cracked Apps: New macOS Malware Is Using the Terminal to Steal Data Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops