Malware

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

• Malware

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

Do Son July 14, 2025 0

Cybercriminals are once again exploiting the trust users place in popular platforms like GitHub to spread sophisticated...

Read More Read more about Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

• Malware

New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

Do Son July 11, 2025 0

A newly uncovered variant of the notorious macOS.ZuRu malware is now using a trojanized version of Termius,...

Read More Read more about New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

SafePay Ransomware Unleashed: New LockBit 3.0 Variant Hits 200+ MSPs & SMBs Worldwide

• Malware

SafePay Ransomware Unleashed: New LockBit 3.0 Variant Hits 200+ MSPs & SMBs Worldwide

Do Son July 11, 2025 0

A new ransomware group known as SafePay has swiftly risen from obscurity to infamy in Q1 2025,...

Read More Read more about SafePay Ransomware Unleashed: New LockBit 3.0 Variant Hits 200+ MSPs & SMBs Worldwide

Iranian Ransomware “Pay2Key.I2P” Resurfaces on I2P Network, Offering 80% Profit for Targeting Western Enemies

• Malware

Iranian Ransomware “Pay2Key.I2P” Resurfaces on I2P Network, Offering 80% Profit for Targeting Western Enemies

Do Son July 11, 2025 0

In the shadow of geopolitical tensions among Iran, Israel, and the United States, an ominous threat has...

Read More Read more about Iranian Ransomware “Pay2Key.I2P” Resurfaces on I2P Network, Offering 80% Profit for Targeting Western Enemies

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS

• Malware

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS

Do Son July 10, 2025 0

In a disturbing evolution of macOS malware, Moonlock Lab has discovered that Atomic macOS Stealer (AMOS)—already notorious...

Read More Read more about From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

• Malware
• Vulnerability Report

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Do Son July 10, 2025 0

The AhnLab Security Intelligence Center (ASEC) has issued a fresh warning on the ongoing exploitation of a...

Read More Read more about Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

• Malware

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Do Son July 9, 2025 0

Researchers at ReversingLabs (RL) have uncovered a supply chain compromise of the popular ETHcode extension for Visual...

Read More Read more about VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Anatsa Resurfaces: Banking Trojan Targets North America via Google Play

• Malware

Anatsa Resurfaces: Banking Trojan Targets North America via Google Play

Do Son July 9, 2025 0

The Anatsa Android banking trojan, one of the most advanced mobile malware threats active today, is back...

Read More Read more about Anatsa Resurfaces: Banking Trojan Targets North America via Google Play

NetSupport RAT Returns: Weaponized via WordPress & “ClickFix” for Remote Access

• Malware

NetSupport RAT Returns: Weaponized via WordPress & “ClickFix” for Remote Access

Do Son July 8, 2025 0

Recently, security researchers at the Cybereason Global Security Operations Center (GSOC) discovered a highly deceptive malware campaign...

Read More Read more about NetSupport RAT Returns: Weaponized via WordPress & “ClickFix” for Remote Access

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining

• Malware

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining

Do Son July 8, 2025 0

In a recent technical deep dive, the Splunk Threat Research Team (STRT) dissected a multi-stage malware campaign...

Read More Read more about RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining

NordDragonScan: New Infostealer Hits Via Weaponized HTAs, Stealing Browser Data & Documents!

• Malware

NordDragonScan: New Infostealer Hits Via Weaponized HTAs, Stealing Browser Data & Documents!

Do Son July 8, 2025 0

FortiGuard Labs has issued a critical alert regarding a new and actively exploited infostealer malware campaign. Dubbed...

Read More Read more about NordDragonScan: New Infostealer Hits Via Weaponized HTAs, Stealing Browser Data & Documents!

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected

• Malware

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected

Do Son July 8, 2025 0

A new wave of XMRig-based cryptojacking malware is making headlines again—leveraging simple scripting, LOLBAS techniques, and stealthy...

Read More Read more about XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected

XwormRAT Resurfaces with Steganography-Powered Attack Chain

• Malware

XwormRAT Resurfaces with Steganography-Powered Attack Chain

Do Son July 8, 2025 0

The AhnLab Security Intelligence Center (ASEC) has raised fresh concerns over the reemergence of XwormRAT, a notorious...

Read More Read more about XwormRAT Resurfaces with Steganography-Powered Attack Chain

Hpingbot: New Go-Based Botnet Leverages Pastebin & Hping3 for Stealthy Attacks

• Malware

Hpingbot: New Go-Based Botnet Leverages Pastebin & Hping3 for Stealthy Attacks

Do Son July 7, 2025 0

NSFOCUS Fuying Lab uncovered a rapidly evolving botnet family named Hpingbot. Written in Go and targeting both...

Read More Read more about Hpingbot: New Go-Based Botnet Leverages Pastebin & Hping3 for Stealthy Attacks

XWorm’s Shape-Shifting Arsenal: RAT Evolves to Deliver LockBit Ransomware, Evades Detection

• Malware

XWorm’s Shape-Shifting Arsenal: RAT Evolves to Deliver LockBit Ransomware, Evades Detection

Do Son July 7, 2025 0

XWorm, a name increasingly familiar in threat intelligence circles, has once again proven its status as a...

Read More Read more about XWorm’s Shape-Shifting Arsenal: RAT Evolves to Deliver LockBit Ransomware, Evades Detection

SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers

• Malware

SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers

Do Son July 7, 2025 0

Elastic Security Labs has uncovered multiple malware campaigns leveraging the SHELLTER evasion framework—a product originally designed to...

Read More Read more about SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

• Malware
• Vulnerability Report

RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

Do Son July 5, 2025 0

FortiGuard Labs has uncovered a stealthy and highly adaptive botnet dubbed RondoDox, which is actively exploiting two...

Read More Read more about RondoDox: Sophisticated Botnet Exploits TBK DVRs & Four-Faith Routers for DDoS Attacks

Stealthy WordPress Malware Uncovered: SEO Spam Plugin Mimics Your Domain to Evade Detection

• Malware

Stealthy WordPress Malware Uncovered: SEO Spam Plugin Mimics Your Domain to Evade Detection

Do Son July 4, 2025 0

In a recent investigation, Kayleigh Martin, a Security Analyst at Sucuri, uncovered a cunning new tactic used...

Read More Read more about Stealthy WordPress Malware Uncovered: SEO Spam Plugin Mimics Your Domain to Evade Detection

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

• Malware

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

Do Son July 4, 2025 0

The Wiz Research Team has uncovered a stealthy and rapidly executed exploitation chain leveraging a misconfigured Java...

Read More Read more about Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS!

• Malware

NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS!

Do Son July 3, 2025 0

A new wave of North Korean cyberattacks is exploiting macOS systems in Web3 and cryptocurrency startups using...

Read More Read more about NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS!