Malware

A New Threat: Unmasking Crypto24 Ransomware’s Stealthy Toolkit INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

A New Threat: Unmasking Crypto24 Ransomware’s Stealthy Toolkit

Do Son August 15, 2025

Trend Micro’s latest research sheds light on Crypto24, a highly coordinated ransomware operation that blends legitimate administrative...

PS1Bot Malware Campaign Unleashes Modular PowerShell Framework with Stealthy New Tricks ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

PS1Bot Malware Campaign Unleashes Modular PowerShell Framework with Stealthy New Tricks

Do Son August 14, 2025

Cisco Talos has uncovered an ongoing and highly active malware campaign deploying a sophisticated, modular framework dubbed...

Critical XZ Backdoor Still Lurks in Docker Images, Posing Supply Chain Risk XZ backdoor, Docker Hub MIFARE classic backdoor C++/CLI IIS Backdoor

XZ backdoor, Docker Hub MIFARE classic backdoor C++/CLI IIS Backdoor

Critical XZ Backdoor Still Lurks in Docker Images, Posing Supply Chain Risk

Do Son August 13, 2025

The backdoor vulnerability in XZ-Utils first came to light in March 2024, and had it not been...

Charon Ransomware Emerges: APT-Style Precision Meets Destructive Encryption Charon Ransomware, APT Tactics

Charon Ransomware, APT Tactics

Charon Ransomware Emerges: APT-Style Precision Meets Destructive Encryption

Do Son August 13, 2025

Trend Research has identified a new ransomware family named Charon, targeting the Middle East’s public sector and...

GitHub Malware Campaign: SmartLoader Poses as Game Cheats to Steal Data SmartLoader, Malware

SmartLoader, Malware

GitHub Malware Campaign: SmartLoader Poses as Game Cheats to Steal Data

Do Son August 13, 2025

The AhnLab SEcurity intelligence Center (ASEC) has uncovered a large-scale malware distribution campaign leveraging GitHub to spread...

Efimer Trojan: New Crypto-Stealer Hijacks Wallets via Fake Legal Threats & Malicious Torrents Efimer Trojan, Crypto Hijacking

Efimer Trojan, Crypto Hijacking

Efimer Trojan: New Crypto-Stealer Hijacks Wallets via Fake Legal Threats & Malicious Torrents

Do Son August 11, 2025

Kaspersky Labs has uncovered a sophisticated, multi-pronged malware operation leveraging fake legal threats, compromised WordPress sites, and...

CastleBot: The New MaaS Framework Fueling Info-Stealer & Ransomware Attacks CastleBot, Malware-as-a-Service

CastleBot, Malware-as-a-Service

CastleBot: The New MaaS Framework Fueling Info-Stealer & Ransomware Attacks

Do Son August 11, 2025

IBM X-Force has unveiled an in-depth analysis of CastleBot, a newly emerging Malware-as-a-Service (MaaS) framework that is...

DarkCloud Rises: New Fileless Stealer Uses PowerShell & Process Hollowing to Evade Detection DarkCloud Stealer, Fileless Malware

DarkCloud Stealer, Fileless Malware

DarkCloud Rises: New Fileless Stealer Uses PowerShell & Process Hollowing to Evade Detection

Do Son August 11, 2025

Researchers from Fortinet’s FortiGuard Labs detected a new DarkCloud campaign deploying a stealthy, fileless payload through a...

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers

Do Son August 8, 2025

Socket’s Threat Research Team has revealed a long-running supply chain attack in the RubyGems ecosystem, where a...

DarkCloud Stealer: New Evasive Tactics Use Obfuscated Scripts & VB6 Payloads to Evade Detection

darkcloud

DarkCloud Stealer: New Evasive Tactics Use Obfuscated Scripts & VB6 Payloads to Evade Detection

Do Son August 8, 2025

Unit 42 researchers have uncovered a significant shift in the distribution tactics of the DarkCloud Stealer malware,...

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware Go Malware, Supply Chain Attack

Go Malware, Supply Chain Attack

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware

Do Son August 8, 2025

Socket’s Threat Research Team has uncovered an alarming wave of malicious Go packages—some still live on GitHub—designed...

The SocGholish Malware Economy: Stealthy “Fake Updates” Fuel a Global Cybercrime Ecosystem SocGholish, Initial Access Broker

SocGholish, Initial Access Broker

The SocGholish Malware Economy: Stealthy “Fake Updates” Fuel a Global Cybercrime Ecosystem

Do Son August 8, 2025

Silent Push Threat Analysts have detailed one of today’s most pervasive cyber threats—SocGholish—exposing its deep ties to...

NVIDIA: “No Backdoors, No Kill Switches,” Rejecting Calls for Government Hardware Controls NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA: “No Backdoors, No Kill Switches,” Rejecting Calls for Government Hardware Controls

Do Son August 7, 2025

As the global reliance on high-performance computing deepens, NVIDIA GPUs have become the invisible engines powering everything...

BYOVD Attack: A New AV Killer Exploits a Legitimate Driver to Neutralize Defenses for MedusaLocker Ransomware AV Killer, BYOVD Attack

AV Killer, BYOVD Attack

BYOVD Attack: A New AV Killer Exploits a Legitimate Driver to Neutralize Defenses for MedusaLocker Ransomware

Do Son August 7, 2025

A recent incident response operation in Brazil has revealed a stealthy and destructive threat abusing the trusted...

The WhatsApp Kill Switch: New npm Packages Use Developer’s Phone Number to Wipe Systems

India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

The WhatsApp Kill Switch: New npm Packages Use Developer’s Phone Number to Wipe Systems

Do Son August 7, 2025

Socket’s Threat Research Team has uncovered two malicious npm packages—naya-flore and nvlore-hsc—designed to target developers building WhatsApp...

Cryptocurrency Scams: How Fake Binance Ads Steal Your Data Malware, Cryptocurrency

Malware, Cryptocurrency

Cryptocurrency Scams: How Fake Binance Ads Steal Your Data

Do Son August 7, 2025

AhnLab Security Intelligence Center (ASEC) has uncovered a sophisticated multi-stage malware campaign that targets cryptocurrency users through...

The Candiru Files: New Infrastructure Exposes Stealthy Surveillance Clusters in Hungary, Saudi Arabia, and Indonesia Candiru Spyware, DevilsTongue

Candiru Spyware, DevilsTongue

The Candiru Files: New Infrastructure Exposes Stealthy Surveillance Clusters in Hungary, Saudi Arabia, and Indonesia

Do Son August 7, 2025

In a reminder of the persistent threat posed by commercial spyware vendors, Insikt Group has uncovered new...

CERT-UA Exposes UAC-0099: New Backdoor Toolkit Targets Ukraine’s Defense with Phishing & Stealthy Malware UAC-0099, Ukraine Cyberattack

UAC-0099, Ukraine Cyberattack

CERT-UA Exposes UAC-0099: New Backdoor Toolkit Targets Ukraine’s Defense with Phishing & Stealthy Malware

Do Son August 7, 2025

In a concerning escalation of cyber aggression, Ukraine’s National Cyber Security Incidents Response Team (CERT-UA) has uncovered...

New Android Malware Impersonates Indian Banks to Steal Data & Secretly Mine Monero Android Malware, Cryptojacking

Android Malware, Cryptojacking

New Android Malware Impersonates Indian Banks to Steal Data & Secretly Mine Monero

Do Son August 5, 2025

The McAfee Mobile Research Team has uncovered a sophisticated Android malware campaign that poses a dual threat...

PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud Android RAT, PlayPraetor

Android RAT, PlayPraetor

PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud

Do Son August 5, 2025

A large-scale cyber fraud campaign is sweeping across continents, exploiting Android devices. Security researchers at Cleafy have...