Malware Archives • Page 40 of 131 • Daily CyberSecurity

Stealthy REMCOS Backdoor Delivered by LNK Files: Bypasses Antivirus with Multi-Stage PowerShell Attack link

Stealthy REMCOS Backdoor Delivered by LNK Files: Bypasses Antivirus with Multi-Stage PowerShell Attack

Do Son July 29, 2025

Cybercriminals continue to find clever ways to bypass antivirus solutions and endpoint defenses. A recent Point Wild...

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service Cyber Stealer, Infostealer-Botnet

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service

Do Son July 28, 2025

The eSentire’s Threat Response Unit (TRU) has uncovered a rapidly evolving malware platform called Cyber Stealer—a full-fledged...

SHUYAL: New Stealthy Infostealer Plunders Browser Credentials, System Data, & Screenshots to Telegram SHUYAL Infostealer, Telegram Exfiltration

SHUYAL Infostealer, Telegram Exfiltration

SHUYAL: New Stealthy Infostealer Plunders Browser Credentials, System Data, & Screenshots to Telegram

Do Son July 28, 2025

In a deep-dive technical investigation, Hybrid Analysis has uncovered a powerful new information stealer dubbed SHUYAL, a...

Chaos Ransomware: New RaaS Group (Likely Former BlackSuit) Unleashes Vishing & Double Extortion

Do Son July 28, 2025

Cisco Talos Incident Response (Talos IR) has identified a new ransomware-as-a-service (RaaS) operation known as Chaos, which...

Koske Malware: AI-Generated Cryptojacker Hides in Panda Images to Infect Linux Servers Firefox Security, Crypto Wallets skidmap trojan

Koske Malware: AI-Generated Cryptojacker Hides in Panda Images to Infect Linux Servers

Do Son July 27, 2025

Aqua Security’s Nautilus research team has uncovered a malware campaign. Dubbed Koske, this advanced Linux malware shows...

Popular ‘is’ JavaScript Library & Others Compromised in npm Supply Chain Attack Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Popular ‘is’ JavaScript Library & Others Compromised in npm Supply Chain Attack

Do Son July 26, 2025

The lightweight JavaScript utility library is is a widely popular project on the NPM platform, boasting over...

Toptal GitHub Organization Compromised: Malicious npm Packages Steal Tokens & Wipe Systems libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

Toptal GitHub Organization Compromised: Malicious npm Packages Steal Tokens & Wipe Systems

Do Son July 25, 2025

Socket’s Threat Research Team has discovered that at least 10 malicious packages were published to npm from...

4 Open-Source Packages Infect 56,000+ Downloads with Stealthy Spyware Open Source Spyware, Supply Chain Surveillance

4 Open-Source Packages Infect 56,000+ Downloads with Stealthy Spyware

Do Son July 25, 2025

The Socket Threat Research Team has uncovered a coordinated surveillance malware campaign hidden in four open-source packages—three...

Soco404: New Stealthy Cryptojacking Campaign Exploits Cloud Misconfigurations and PostgreSQL to Mine Crypto

Do Son July 25, 2025

Wiz Research has uncovered a persistent and evolving cryptojacking operation known as “Soco404,” a campaign that exploits...

EdskManager RAT: New Stealthy Malware Leverages HVNC for Covert Remote Access & Evasion EdskManager RAT, HVNC Malware

EdskManager RAT: New Stealthy Malware Leverages HVNC for Covert Remote Access & Evasion

Do Son July 24, 2025

In its latest threat intelligence report, CYFIRMA has detailed the discovery of EdskManager RAT, a sophisticated remote...

First in the Wild: Coyote Banking Trojan Exploits Microsoft’s UI Automation to Steal Credentials Undetected

Do Son July 24, 2025

Akamai has confirmed the first observed abuse of Microsoft’s UI Automation (UIA) framework by malware in the...

Arch Linux Alert: Malicious Firefox, LibreWolf, & Zen Web AUR Packages Spread CHAOS RAT Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Arch Linux Alert: Malicious Firefox, LibreWolf, & Zen Web AUR Packages Spread CHAOS RAT

Do Son July 23, 2025

If you are an Arch Linux user and have installed Mozilla Firefox, LibreWolf, or Zen Web from...

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub Lumma Stealer, Malware Resurgence

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub

Do Son July 23, 2025

The Lumma Stealer malware suffered a massive takedown in May 2025, with over 2,300 malicious domains seized....

AmateraStealer (ACRStealer) Evolves: New Version Uses Low-Level NTAPIs & Heaven’s Gate for Evasion AmateraStealer, Infostealer Evolution

AmateraStealer (ACRStealer) Evolves: New Version Uses Low-Level NTAPIs & Heaven’s Gate for Evasion

Do Son July 23, 2025

ACRStealer—recently rebranded as AmateraStealer—has emerged as one of the most sophisticated infostealers in the wild, marked by...

DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures Android Spyware, MuddyWater APT

DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures

Do Son July 23, 2025

A newly evolved version of the Android surveillanceware family known as DCHSpy is making waves in the...

Android Malware Strikes: Fake Facebook & TikTok Apps Impersonate Brands for Traffic Monetization BadBox 2.0, Android Botnet Alien spyware - CVE-2024-43093

Android Malware Strikes: Fake Facebook & TikTok Apps Impersonate Brands for Traffic Monetization

Do Son July 22, 2025

Trustwave SpiderLabs has identified an active Android malware cluster that blends brand impersonation with traffic monetization tactics,...

NailaoLocker Ransomware: Chinese SM2 Crypto and Built-in Decryptor Raise Questions

Do Son July 22, 2025

FortiGuard Labs uncovered a ransomware variant. Dubbed NailaoLocker, this malware isn’t just another file-encrypting threat. It brings...

SVF Botnet: New Python DDoS Threat Leverages Discord for Stealthy C&C on Linux Servers Linux Botnet Discord C2

SVF Botnet: New Python DDoS Threat Leverages Discord for Stealthy C&C on Linux Servers

Do Son July 22, 2025

In a recent analysis, AhnLab’s Security Intelligence Center (ASEC) has uncovered an emerging threat targeting misconfigured and...

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software DeedRAT, Chinese Cyberattack

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software

Do Son July 22, 2025

In a newly uncovered campaign, LAB52 — the intelligence team at S2 Group — has identified a...

Ghost Crypt & PureRAT: New Stealthy Malware Targets Accounting Firm via “Process Hypnosis” Ghost Crypt, PureRAT

Ghost Crypt & PureRAT: New Stealthy Malware Targets Accounting Firm via “Process Hypnosis”

Do Son July 22, 2025

eSentire’s Threat Response Unit (TRU) uncovered a sophisticated attack against a certified public accounting firm in the...