Malware

New macOS Infostealer Slips Past Apple’s Defenses with Code Signing and Notarization

• Malware

New macOS Infostealer Slips Past Apple’s Defenses with Code Signing and Notarization

Do Son July 18, 2025 0

Jamf Threat Labs has uncovered a sophisticated new macOS infostealer variant that managed to bypass Apple’s security...

Read More Read more about New macOS Infostealer Slips Past Apple’s Defenses with Code Signing and Notarization

H2Miner Botnet Unleashes Lcrypt0rx: Flawed, AI-Generated Ransomware with Zero Detection Rates

• Malware

H2Miner Botnet Unleashes Lcrypt0rx: Flawed, AI-Generated Ransomware with Zero Detection Rates

Do Son July 18, 2025 0

A new investigation by the FortiCNAPP team, part of FortiGuard Labs, has revealed a disturbing evolution in...

Read More Read more about H2Miner Botnet Unleashes Lcrypt0rx: Flawed, AI-Generated Ransomware with Zero Detection Rates

Stealthy SquidLoader Malware Targets Hong Kong Financial Firms with Evasive Cobalt Strike Attacks

• Malware

Stealthy SquidLoader Malware Targets Hong Kong Financial Firms with Evasive Cobalt Strike Attacks

Do Son July 17, 2025 0

Trellix’s threat intelligence team has uncovered a stealthy malware campaign aimed squarely at financial services institutions in...

Read More Read more about Stealthy SquidLoader Malware Targets Hong Kong Financial Firms with Evasive Cobalt Strike Attacks

Hidden Protestware Found in 28+ npm Packages: Silently Targeting Russian Users

• Malware

Hidden Protestware Found in 28+ npm Packages: Silently Targeting Russian Users

Do Son July 17, 2025 0

In a revelation for the JavaScript ecosystem, Socket’s Threat Research Team has uncovered the widespread proliferation of...

Read More Read more about Hidden Protestware Found in 28+ npm Packages: Silently Targeting Russian Users

Warning: Fake Remittance Apps Target Bangladeshi Expats, Stealing IDs & Financial Data

• Malware

Warning: Fake Remittance Apps Target Bangladeshi Expats, Stealing IDs & Financial Data

Do Son July 16, 2025 0

McAfee’s Mobile Research Team has uncovered a highly active Android malware campaign targeting Bengali-speaking users, particularly Bangladeshi...

Read More Read more about Warning: Fake Remittance Apps Target Bangladeshi Expats, Stealing IDs & Financial Data

Warning: “Educational” Octalyn Forensic Toolkit is a Dangerous Telegram-Controlled Credential Stealer

• Malware

Warning: “Educational” Octalyn Forensic Toolkit is a Dangerous Telegram-Controlled Credential Stealer

Do Son July 16, 2025 0

Researchers at Cyfirma have uncovered a disturbing example of how a so-called “educational” tool can cross the...

Read More Read more about Warning: “Educational” Octalyn Forensic Toolkit is a Dangerous Telegram-Controlled Credential Stealer

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

• Malware

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

Do Son July 15, 2025 0

A new chapter in the ongoing Contagious Interview campaign has emerged, as the Socket Threat Research Team...

Read More Read more about XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

HazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts

• Malware

HazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts

Do Son July 15, 2025 0

Researchers from Unit 42 at Palo Alto Networks have uncovered a novel backdoor—HazyBeacon—used by a threat cluster...

Read More Read more about HazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts

BlackSuit: New Royal/Conti Rebrand Hits With Speed, Stealth, & Data Exfiltration

• Malware

BlackSuit: New Royal/Conti Rebrand Hits With Speed, Stealth, & Data Exfiltration

Do Son July 15, 2025 0

A recent Cybereason investigation has shed light on a highly coordinated and destructive ransomware campaign carried out...

Read More Read more about BlackSuit: New Royal/Conti Rebrand Hits With Speed, Stealth, & Data Exfiltration

Interlock RAT Gets PHP Makeover: New Variant Uses Steganography & ClickFix for Stealthy Infiltration

• Malware

Interlock RAT Gets PHP Makeover: New Variant Uses Steganography & ClickFix for Stealthy Infiltration

Do Son July 14, 2025 0

Researchers from The DFIR Report, in collaboration with Proofpoint, have uncovered a stealthy and resilient variant of...

Read More Read more about Interlock RAT Gets PHP Makeover: New Variant Uses Steganography & ClickFix for Stealthy Infiltration

SLOW#TEMPEST: Advanced Obfuscation Evades Static Analysis With CFG & Indirect Calls

• Malware

SLOW#TEMPEST: Advanced Obfuscation Evades Static Analysis With CFG & Indirect Calls

Do Son July 14, 2025 0

In late 2024, security researchers from Unit 42 uncovered a sophisticated new variant of the malware associated...

Read More Read more about SLOW#TEMPEST: Advanced Obfuscation Evades Static Analysis With CFG & Indirect Calls

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads

• Malware

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads

Do Son July 14, 2025 0

In a concerning development for WordPress site administrators, the Patchstack team has uncovered a targeted supply chain...

Read More Read more about WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

• Malware

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

Do Son July 14, 2025 0

Cybercriminals are once again exploiting the trust users place in popular platforms like GitHub to spread sophisticated...

Read More Read more about Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

• Malware

New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

Do Son July 11, 2025 0

A newly uncovered variant of the notorious macOS.ZuRu malware is now using a trojanized version of Termius,...

Read More Read more about New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

SafePay Ransomware Unleashed: New LockBit 3.0 Variant Hits 200+ MSPs & SMBs Worldwide

• Malware

SafePay Ransomware Unleashed: New LockBit 3.0 Variant Hits 200+ MSPs & SMBs Worldwide

Do Son July 11, 2025 0

A new ransomware group known as SafePay has swiftly risen from obscurity to infamy in Q1 2025,...

Read More Read more about SafePay Ransomware Unleashed: New LockBit 3.0 Variant Hits 200+ MSPs & SMBs Worldwide

Iranian Ransomware “Pay2Key.I2P” Resurfaces on I2P Network, Offering 80% Profit for Targeting Western Enemies

• Malware

Iranian Ransomware “Pay2Key.I2P” Resurfaces on I2P Network, Offering 80% Profit for Targeting Western Enemies

Do Son July 11, 2025 0

In the shadow of geopolitical tensions among Iran, Israel, and the United States, an ominous threat has...

Read More Read more about Iranian Ransomware “Pay2Key.I2P” Resurfaces on I2P Network, Offering 80% Profit for Targeting Western Enemies

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS

• Malware

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS

Do Son July 10, 2025 0

In a disturbing evolution of macOS malware, Moonlock Lab has discovered that Atomic macOS Stealer (AMOS)—already notorious...

Read More Read more about From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

• Malware
• Vulnerability Report

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Do Son July 10, 2025 0

The AhnLab Security Intelligence Center (ASEC) has issued a fresh warning on the ongoing exploitation of a...

Read More Read more about Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

• Malware

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Do Son July 9, 2025 0

Researchers at ReversingLabs (RL) have uncovered a supply chain compromise of the popular ETHcode extension for Visual...

Read More Read more about VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Anatsa Resurfaces: Banking Trojan Targets North America via Google Play

• Malware

Anatsa Resurfaces: Banking Trojan Targets North America via Google Play

Do Son July 9, 2025 0

The Anatsa Android banking trojan, one of the most advanced mobile malware threats active today, is back...

Read More Read more about Anatsa Resurfaces: Banking Trojan Targets North America via Google Play