Malware Archives • Page 38 of 129 • Daily CyberSecurity

Soco404: New Stealthy Cryptojacking Campaign Exploits Cloud Misconfigurations and PostgreSQL to Mine Crypto cloud-attack-flow

Soco404: New Stealthy Cryptojacking Campaign Exploits Cloud Misconfigurations and PostgreSQL to Mine Crypto

Do Son July 25, 2025

Wiz Research has uncovered a persistent and evolving cryptojacking operation known as “Soco404,” a campaign that exploits...

EdskManager RAT: New Stealthy Malware Leverages HVNC for Covert Remote Access & Evasion EdskManager RAT, HVNC Malware

EdskManager RAT: New Stealthy Malware Leverages HVNC for Covert Remote Access & Evasion

Do Son July 24, 2025

In its latest threat intelligence report, CYFIRMA has detailed the discovery of EdskManager RAT, a sophisticated remote...

First in the Wild: Coyote Banking Trojan Exploits Microsoft’s UI Automation to Steal Credentials Undetected

Do Son July 24, 2025

Akamai has confirmed the first observed abuse of Microsoft’s UI Automation (UIA) framework by malware in the...

Arch Linux Alert: Malicious Firefox, LibreWolf, & Zen Web AUR Packages Spread CHAOS RAT Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Arch Linux Alert: Malicious Firefox, LibreWolf, & Zen Web AUR Packages Spread CHAOS RAT

Do Son July 23, 2025

If you are an Arch Linux user and have installed Mozilla Firefox, LibreWolf, or Zen Web from...

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub Lumma Stealer, Malware Resurgence

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub

Do Son July 23, 2025

The Lumma Stealer malware suffered a massive takedown in May 2025, with over 2,300 malicious domains seized....

AmateraStealer (ACRStealer) Evolves: New Version Uses Low-Level NTAPIs & Heaven’s Gate for Evasion AmateraStealer, Infostealer Evolution

AmateraStealer (ACRStealer) Evolves: New Version Uses Low-Level NTAPIs & Heaven’s Gate for Evasion

Do Son July 23, 2025

ACRStealer—recently rebranded as AmateraStealer—has emerged as one of the most sophisticated infostealers in the wild, marked by...

DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures Android Spyware, MuddyWater APT

DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures

Do Son July 23, 2025

A newly evolved version of the Android surveillanceware family known as DCHSpy is making waves in the...

Android Malware Strikes: Fake Facebook & TikTok Apps Impersonate Brands for Traffic Monetization BadBox 2.0, Android Botnet Alien spyware - CVE-2024-43093

Android Malware Strikes: Fake Facebook & TikTok Apps Impersonate Brands for Traffic Monetization

Do Son July 22, 2025

Trustwave SpiderLabs has identified an active Android malware cluster that blends brand impersonation with traffic monetization tactics,...

NailaoLocker Ransomware: Chinese SM2 Crypto and Built-in Decryptor Raise Questions

Do Son July 22, 2025

FortiGuard Labs uncovered a ransomware variant. Dubbed NailaoLocker, this malware isn’t just another file-encrypting threat. It brings...

SVF Botnet: New Python DDoS Threat Leverages Discord for Stealthy C&C on Linux Servers Linux Botnet Discord C2

SVF Botnet: New Python DDoS Threat Leverages Discord for Stealthy C&C on Linux Servers

Do Son July 22, 2025

In a recent analysis, AhnLab’s Security Intelligence Center (ASEC) has uncovered an emerging threat targeting misconfigured and...

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software DeedRAT, Chinese Cyberattack

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software

Do Son July 22, 2025

In a newly uncovered campaign, LAB52 — the intelligence team at S2 Group — has identified a...

Ghost Crypt & PureRAT: New Stealthy Malware Targets Accounting Firm via “Process Hypnosis” Ghost Crypt, PureRAT

Ghost Crypt & PureRAT: New Stealthy Malware Targets Accounting Firm via “Process Hypnosis”

Do Son July 22, 2025

eSentire’s Threat Response Unit (TRU) uncovered a sophisticated attack against a certified public accounting firm in the...

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected Katz Stealer, Info-Stealer MaaS

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected

Do Son July 21, 2025

In the crowded arena of information-stealing malware, Katz Stealer is quickly establishing itself as one of the...

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams

Do Son July 21, 2025

Matanbuchus, a well-known malware loader sold as Malware-as-a-Service (MaaS), has just leveled up. In its latest evolution—Matanbuchus...

SilentRoute: Trojanized SonicWall VPN Client Used to Steal Enterprise Credentials SonicWall Malware, Supply Chain Attack

SilentRoute: Trojanized SonicWall VPN Client Used to Steal Enterprise Credentials

Do Son July 21, 2025

In a newly uncovered software supply chain attack, threat actors have successfully deployed a backdoored version of...

PyPI Supply Chain Attack: “cloudscrapersafe” Steals Credit Cards via Fake Python Library PyPI Supply Chain, Credit Card Theft

PyPI Supply Chain Attack: “cloudscrapersafe” Steals Credit Cards via Fake Python Library

Do Son July 20, 2025

Imperva researchers have uncovered a supply chain attack masquerading as a popular Python utility. The package in...

KAWA4096: New Ransomware Blends Qilin & Akira Tactics, Hits US and Japan KAWA4096 Ransomware, Hybrid Ransomware

KAWA4096: New Ransomware Blends Qilin & Akira Tactics, Hits US and Japan

Do Son July 19, 2025

A new ransomware family known as KAWA4096 has surfaced, blending tactics from notorious groups like Qilin and...

Google Sues BadBox 2.0 Botnet Operators, Protecting 10 Million+ Infected Android Devices BadBox 2.0, Android Botnet Alien spyware - CVE-2024-43093

Google Sues BadBox 2.0 Botnet Operators, Protecting 10 Million+ Infected Android Devices

Do Son July 18, 2025

In response to the escalating wave of cybersecurity threats, Google has filed a lawsuit against the operators...

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories GitHub MaaS, Emmenhtal Loader

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories

Do Son July 18, 2025

Cisco Talos has uncovered a multi-pronged Malware-as-a-Service (MaaS) operation exploiting public GitHub repositories to distribute a wide...

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers Exchange Backdoor, GhostContainer

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers

Do Son July 18, 2025

In a recent incident response operation, Kaspersky Labs uncovered a highly sophisticated backdoor named GhostContainer, designed to...