Malware Archives • Page 41 of 129 • Daily CyberSecurity

Alert: Malicious Python Package “psslib” Typosquats passlib, Shuts Down Windows Systems Python Malware, Typosquatting

Alert: Malicious Python Package “psslib” Typosquats passlib, Shuts Down Windows Systems

Do Son June 26, 2025

Socket’s Threat Research Team has uncovered a malicious Python package named psslib designed to abruptly shut down...

SonicWall Warns: Trojanized NetExtender VPN Client Stealing Credentials in Active Campaign SonicWall NetExtender, Trojanized VPN Client

SonicWall Warns: Trojanized NetExtender VPN Client Stealing Credentials in Active Campaign

Do Son June 25, 2025

SonicWall, in collaboration with Microsoft Threat Intelligence (MSTIC), has uncovered a sophisticated campaign that distributes a Trojanized...

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials WordPress Malware, Credit Card Skimming

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Do Son June 25, 2025

The Wordfence Threat Intelligence Team has unveiled a powerful malware framework operating under the guise of a...

DRAT V2 Emerges: New Delphi-Compiled RAT Targets Indian Government with Expanded Post-Exploitation

Do Son June 25, 2025

A new variant of the DRAT remote access trojan has emerged, signaling a continued evolution in TAG-140’s...

Critical Linksys Router Flaw (CVE-2025-34037, CVSS 10.0) Actively Exploited by TheMoon Worm Linksys Router, TheMoon Worm

Critical Linksys Router Flaw (CVE-2025-34037, CVSS 10.0) Actively Exploited by TheMoon Worm

Do Son June 24, 2025

A critical vulnerability in multiple Linksys E-Series routers is being actively exploited in the wild by a...

SHOE RACK Malware: NCSC Uncovers Stealthy Reverse SSH & DoH Post-Exploitation Tool Targeting FortiGate Firewalls SHOE RACK Malware, Reverse SSH

SHOE RACK Malware: NCSC Uncovers Stealthy Reverse SSH & DoH Post-Exploitation Tool Targeting FortiGate Firewalls

Do Son June 24, 2025

A new malware tool dubbed SHOE RACK has come under the microscope of the UK’s National Cyber...

Spyware Reloaded: SparkKitty Stalks Crypto Wallets via TikTok Mods and Fake Apps

Do Son June 24, 2025

Kaspersky Labs has uncovered a stealthy evolution of mobile spyware connected to the infamous SparkCat campaign. Dubbed...

Wedding Invitation Scam: SpyMax RAT Targets Indian WhatsApp Users, Stealing OTPs & Banking Credentials Android Spyware, SpyMax RAT CVE-2024-0039 Android Auto-Reboot Google Play Services

Android Spyware, SpyMax RAT CVE-2024-0039 Android Auto-Reboot Google Play Services

Wedding Invitation Scam: SpyMax RAT Targets Indian WhatsApp Users, Stealing OTPs & Banking Credentials

Do Son June 24, 2025

Researchers at K7 Labs have uncovered a highly targeted Android spyware campaign aimed at Indian mobile users,...

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign Confucius APT, Anondoor Backdoor

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

Do Son June 23, 2025

The Confucius APT group—long associated with cyber-espionage operations targeting government and military organizations in South and East...

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus Prometei Botnet, Linux Malware

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus

Do Son June 23, 2025

In March 2025, researchers at Palo Alto Networks’ Unit 42 uncovered a resurgence of the Prometei botnet,...

Mocha Manakin: New Threat Group Uses “Paste and Run” to Deploy Custom NodeJS RAT! Mocha Manakin, NodeInitRAT

Mocha Manakin: New Threat Group Uses “Paste and Run” to Deploy Custom NodeJS RAT!

Do Son June 23, 2025

Red Canary has unveiled a new adversary cluster it’s been tracking since early 2025: Mocha Manakin. Named...

RapperBot Resurfaces: 50,000+ Bots Demand Monero Extortion in New DDoS Campaigns RapperBot Botnet, DDoS Extortion

RapperBot Resurfaces: 50,000+ Bots Demand Monero Extortion in New DDoS Campaigns

Do Son June 23, 2025

A botnet called RapperBot blends technical evolution with internet-era bravado to launch attacks on over 50,000 devices...

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry

Do Son June 21, 2025

Hackers have once again employed rarely used yet remarkably effective techniques to compromise systems—this time by disguising...

Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers Android Spyware, SpyNote

Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers

Do Son June 20, 2025

At times, a seemingly innocuous open server on the internet can pose far greater danger than it...

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data

Do Son June 20, 2025

The Swiss cybersecurity firm PRODAFT has unveiled detailed findings regarding a widespread malicious campaign involving an Android...

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

Do Son June 20, 2025

According to a new report from Proofpoint, a previously known threat, ACR Stealer, has been reborn under...

Stargazers Ghost Network: Minecraft Mods Used to Distribute Multi-Stage Stealers via GitHub

Do Son June 20, 2025

A new report from Check Point Research exposes a sophisticated malware campaign that has weaponized the modding...

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals North Korean APT, PylangGhost

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals

Do Son June 20, 2025

Recently, Cisco Talos unveiled a new Python-based remote access trojan (RAT) dubbed PylangGhost, used exclusively by a...

ComfyUI Under Attack: “Pickai” C++ Backdoor Compromises 700+ AI Image Generation Servers Globally

Do Son June 20, 2025

In a concerning development for AI infrastructure security, XLab has uncovered an active exploitation campaign targeting ComfyUI—a...

Ransomware Gang Qilin Rises Amid Collapse of Major Gangs Like RansomHub and LockBit

Do Son June 19, 2025

The ransomware threat landscape is undergoing dramatic upheaval. As legacy groups like RansomHub, LockBit, Everest, and BlackLock...