Malware Archives • Page 36 of 131 • Daily CyberSecurity

NotDoor: A New Backdoor by Russia’s APT28 Is Hiding in Microsoft Outlook Macros APT28, NotDoor

NotDoor: A New Backdoor by Russia’s APT28 Is Hiding in Microsoft Outlook Macros

Do Son September 5, 2025

The intelligence team at LAB52 (S2 Grupo) has uncovered a sophisticated new backdoor campaign attributed to APT28,...

Stealerium: How an Open-Source Infostealer Is Being Used in Phishing Campaigns Stealerium, infostealer

Stealerium: How an Open-Source Infostealer Is Being Used in Phishing Campaigns

Do Son September 4, 2025

Proofpoint threat researchers have uncovered a surge in campaigns distributing Stealerium-based malware, an open-source infostealer first released...

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2 GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2

Do Son September 4, 2025

Researchers from ReversingLabs have discovered two malicious npm packages leveraging Ethereum smart contracts to conceal and deliver...

Obscura: A Stealthy New Go-Based Ransomware Is Abusing Domain Controllers Obscura ransomware, domain controller

Obscura: A Stealthy New Go-Based Ransomware Is Abusing Domain Controllers

Do Son September 4, 2025

Security analysts at Huntress reported the discovery of a previously unseen ransomware variant, named Obscura. The malware...

DireWolf: The New Ransomware Group Targeting Global Businesses DireWolf execution flow

DireWolf: The New Ransomware Group Targeting Global Businesses

Do Son September 4, 2025

The DireWolf ransomware group, first emerging in May 2025, has rapidly evolved into a formidable cyber threat...

Inf0s3c Stealer: A Stealthy Python Malware Is Abusing Discord to Steal Data Inf0s3c Stealer, Windows malware

Inf0s3c Stealer: A Stealthy Python Malware Is Abusing Discord to Steal Data

Do Son September 3, 2025

Cyfirma’s Threat Intelligence team has released a technical analysis of Inf0s3c Stealer, a Python-based information grabber designed...

Predators for Hire: A New Report Exposes the Thriving Global Spyware Industry Commercial spyware, Pegasus Predator mobile spyware

Predators for Hire: A New Report Exposes the Thriving Global Spyware Industry

Do Son September 3, 2025

Commercial spyware is no longer the shadowy tool of a few niche companies—it has grown into a...

TinkyWinkey: A Stealthy New Keylogger Is Hunting for Credentials on Windows TinkyWinkey Keylogger, Windows malware

TinkyWinkey: A Stealthy New Keylogger Is Hunting for Credentials on Windows

Do Son September 2, 2025

Researchers at CYFIRMA have released an in-depth analysis of a newly observed Windows malware family dubbed the...

Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks

Do Son September 2, 2025

Fox-IT and NCC Group have released a detailed joint analysis exposing how a Lazarus Group subgroup continues...

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer ChaCha20 Cipher

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer

Do Son September 2, 2025

For over a year, Huntress researchers have been tracking the rise of ClickFix attacks, a form of...

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC AI Waifu RAT, social engineering

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC

Do Son September 2, 2025

Security researcher Ryingo has released a detailed analysis of a new malware strain dubbed the “AI Waifu...

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets

Do Son September 1, 2025

Researchers from Socket’s Threat Research Team have uncovered a dangerous npm package, nodejs-smtp, that impersonates the widely...

Fraudulent Scholarship Apps: A New Malware Campaign Targets Students in Bangladesh SikkahBot, Android malware

Fraudulent Scholarship Apps: A New Malware Campaign Targets Students in Bangladesh

Do Son September 1, 2025

Cyble Research and Intelligence Labs (CRIL) has uncovered a new Android malware campaign dubbed SikkahBot, which has...

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions

Do Son September 1, 2025

ReversingLabs researchers have uncovered a dangerous loophole in the Visual Studio Code (VS Code) Marketplace that allows...

Trojan Horse: A Fake PDF Editor Is Actually a Malware-Laden Backdoor PDF Editor, malware

Trojan Horse: A Fake PDF Editor Is Actually a Malware-Laden Backdoor

Do Son August 31, 2025

Security researchers at G DATA Security Lab have exposed the AppSuite PDF Editor as a malware-laden backdoor,...

A Deceptive Ad on Facebook Is Spreading Advanced Android Malware malvertising, Android malware

A Deceptive Ad on Facebook Is Spreading Advanced Android Malware

Do Son August 30, 2025

Bitdefender Labs has issued a new warning about a global malvertising campaign abusing Meta’s advertising system to...

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months MystRodX, stealthy backdoor

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months

Do Son August 30, 2025

XLab has identified a previously unknown and stealthy backdoor dubbed MystRodX, capable of operating undetected in compromised...

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe Interlock ransomware, double extortion

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe

Do Son August 29, 2025

The AhnLab Security Emergency Response Center (ASEC) has published new research on the Interlock ransomware group, which...

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx Sinobi Group, ransomware

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx

Do Son August 29, 2025

Recently, eSentire’s Threat Response Unit (TRU) investigated a ransomware attack that it has attributed to an affiliate...

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC ScreenConnect, XWorm RAT

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC

Do Son August 29, 2025

The SpiderLabs Threat Hunt Team at Trustwave has discovered a malicious campaign abusing AI-themed branding to trick...