Malware

WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features

Do Son May 12, 2025

Cyber threat actors tied to North Korea are expanding their global reach with an updated strain of...

Malicious npm Packages Target BullX Crypto Traders via Telegram-Backdoored Payloads Crypto theft, npm malware

Crypto theft, npm malware

Malicious npm Packages Target BullX Crypto Traders via Telegram-Backdoored Payloads

Do Son May 12, 2025

Socket’s Threat Research Team has uncovered two malicious npm packages designed to steal cryptocurrency credentials and trading...

Sneaky Email Attack Targets Spain, Italy, Portugal with RATty Trojan RATty Trojan, email phishing

RATty Trojan, email phishing

Sneaky Email Attack Targets Spain, Italy, Portugal with RATty Trojan

Do Son May 12, 2025

The FortiMail IR team has uncovered a highly sophisticated email campaign delivering the RATty Remote Access Trojan,...

Fake Crypto Platforms on Facebook Steal Your Data! Beware Celebrity Endorsements Crypto malvertising, Facebook ads

Crypto malvertising, Facebook ads

Fake Crypto Platforms on Facebook Steal Your Data! Beware Celebrity Endorsements

Do Son May 12, 2025

In a newly report, Bitdefender Labs has revealed a persistent and evolving malvertising campaign operating through Facebook...

Backdoor by Design: Malicious npm Packages Hijack Cursor IDE on macOS Cursor AI, Cursor IDE

Cursor AI, Cursor IDE

Backdoor by Design: Malicious npm Packages Hijack Cursor IDE on macOS

Do Son May 11, 2025

The Socket Threat Research Team has uncovered a sophisticated campaign targeting macOS users of the Cursor AI...

From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver

Do Son May 11, 2025

In a report issued by Unit 42, researchers disclosed that the vulnerability CVE-2025-31324, affecting SAP NetWeaver’s Visual...

Atomic Stealer Malware Targets macOS Users with Fake Evernote Crack Atomic Stealer, macOS Malware

Atomic Stealer, macOS Malware

Atomic Stealer Malware Targets macOS Users with Fake Evernote Crack

Do Son May 10, 2025

A new cyberattack is targeting macOS users, with the Atomic Stealer malware being distributed under the guise...

RedisRaider Worm Exploits Misconfigured Redis for Cryptojacking RedisRaider, cryptojacking

RedisRaider, cryptojacking

RedisRaider Worm Exploits Misconfigured Redis for Cryptojacking

Do Son May 9, 2025

In a recent revelation by Datadog Security Research, a sophisticated cryptojacking campaign has been uncovered that exploits...

DOGE Big Balls Ransomware: New Tools and Tactics Uncovered DOGE Big Balls Ransomware Ransomware infection chain

DOGE Big Balls Ransomware Ransomware infection chain

DOGE Big Balls Ransomware: New Tools and Tactics Uncovered

Do Son May 9, 2025

Netskope Threat Labs has recently uncovered a multi-stage infection chain involving custom PowerShell scripts, open-source tools, exploitation...

Google Uncovers LOSTKEYS Malware Used by Russian COLDRIVER for Cyber Espionage LOSTKEYS Malware, COLDRIVER

LOSTKEYS Malware, COLDRIVER

Google Uncovers LOSTKEYS Malware Used by Russian COLDRIVER for Cyber Espionage

Do Son May 8, 2025

In a concerning escalation of cyber-espionage activity, Google’s Threat Intelligence Group (GTIG) has revealed the emergence of...

Agenda Ransomware Evolves with NETXLOADER and SmokeLoader in Global Campaigns Agenda ransomware, NETXLOADER

Agenda ransomware, NETXLOADER

Agenda Ransomware Evolves with NETXLOADER and SmokeLoader in Global Campaigns

Do Son May 8, 2025

Agenda ransomware, also known as Qilin, has returned. In a recent exposé by Trend Micro, researchers have...

APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics APT36 phishing, ClickFix campaign

APT36 phishing, ClickFix campaign

APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics

Do Son May 8, 2025

Hunt.io, a threat hunting platform, has revealed a sophisticated phishing campaign using ClickFix-style tactics and spoofed Indian...

Aikido Uncovers Malicious Code in Popular npm Package rand-user-agent RAT

RAT

Aikido Uncovers Malicious Code in Popular npm Package rand-user-agent

Do Son May 8, 2025

Aikido Security has uncovered a Remote Access Trojan (RAT) embedded in rand-user-agent, a JavaScript package downloaded ~45,000...

Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors Lampion, ClickFix

Lampion, ClickFix

Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors

Do Son May 8, 2025

Lampion, the banking malware first observed in 2019, has reemerged with new tricks. In a detailed analysis,...

Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

Do Son May 7, 2025

Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s...

Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120 GeoVision, Mirai

GeoVision, Mirai

Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120

Do Son May 7, 2025

The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of two command injection vulnerabilities...

Gunra Ransomware: New Threat Analysis Reveals Evasion Tactics Gunra Ransomware, ransomware analysis

Gunra Ransomware, ransomware analysis

Gunra Ransomware: New Threat Analysis Reveals Evasion Tactics

Do Son May 7, 2025

CYFIRMA has released an in-depth analysis of a newly emerging cyber threat: Gunra Ransomware. This report details...

Massive E-commerce Supply Chain Attack Uncovered: Hundreds of Stores at Risk Supply Chain Attack, E-commerce Security

Supply Chain Attack, E-commerce Security

Massive E-commerce Supply Chain Attack Uncovered: Hundreds of Stores at Risk

Do Son May 6, 2025

The Sansec Forensics Team has uncovered a coordinated supply chain attack that has silently infected ecommerce infrastructure...

Venom Spider Evolves: Arctic Wolf Exposes More_eggs Campaign Targeting HR More_eggs, Venom Spider

More_eggs, Venom Spider

Venom Spider Evolves: Arctic Wolf Exposes More_eggs Campaign Targeting HR

Do Son May 5, 2025

In a newly released analysis, Arctic Wolf Labs has documented a sophisticated phishing campaign orchestrated by the...

StealC V2: ThreatLabz Unveils the Evolution of a Stealthy Info-Stealer and Malware Loader StealC V2, Info-Stealer

StealC V2, Info-Stealer

StealC V2: ThreatLabz Unveils the Evolution of a Stealthy Info-Stealer and Malware Loader

Do Son May 5, 2025

In a comprehensive technical report, ThreatLabz has dissected the inner workings of StealC V2, a major upgrade...