Malware Archives • Page 50 of 129 • Daily CyberSecurity

Gorilla Android Malware: Evolving Threat with Espionage Capabilities RatOn, Android trojan

Gorilla Android Malware: Evolving Threat with Espionage Capabilities

Do Son April 18, 2025

A newly discovered Android malware dubbed Gorilla is quietly emerging as a serious threat, according to a...

Interlock Ransomware Uses Evolving Tactics to Evade Detection Interlock Ransomware, ClickFix

Interlock Ransomware Uses Evolving Tactics to Evade Detection

Do Son April 18, 2025

A new report by Sekoia Threat Detection & Research (TDR) details the activities of Interlock, a ransomware...

Node.js Misused in Malvertising Campaigns to Deliver Stealthy Malware Node.js malware, malvertising attacks

Node.js Misused in Malvertising Campaigns to Deliver Stealthy Malware

Do Son April 17, 2025

Microsoft Defender Experts (DEX) has observed a rise in malicious campaigns that use Node.js to deliver malware...

Novel Attack Uses Teams Phishing and Zero-Day TypeLib Hijacking Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Novel Attack Uses Teams Phishing and Zero-Day TypeLib Hijacking

Do Son April 17, 2025

In a concerning escalation of social engineering and persistence techniques, cybersecurity firm ReliaQuest has uncovered a new...

APT29 Targets European Diplomats with Wine-Themed Phishing APT29, Phishing Campaign

APT29 Targets European Diplomats with Wine-Themed Phishing

Do Son April 17, 2025

A new wave of targeted phishing attacks aimed at European governments and diplomats is underway, with the...

LummaStealer: The Evolution of a Sophisticated MaaS LummaStealer, Malware-as-a-Service

LummaStealer: The Evolution of a Sophisticated MaaS

Do Son April 17, 2025

Once a rising name in the stealer malware scene, LummaStealer has now evolved into one of the...

CrazyHunter Ransomware Targets Taiwan’s Critical Infrastructure CrazyHunter, Ransomware

CrazyHunter Ransomware Targets Taiwan’s Critical Infrastructure

Do Son April 17, 2025

Trend Micro has uncovered a targeted ransomware campaign conducted by a newly identified threat group dubbed CrazyHunter....

Waiting Thread Hijacking: A Stealthier Code Injection Technique Thread Hijacking Process Injection

Waiting Thread Hijacking: A Stealthier Code Injection Technique

Do Son April 16, 2025

Process injection is a technique frequently employed by attackers, with its variations appearing in numerous malware. This...

UNC5174: Chinese Threat Actor Deploys New VShell RAT in Campaign Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

UNC5174: Chinese Threat Actor Deploys New VShell RAT in Campaign

Do Son April 16, 2025

The Sysdig Threat Research Team (TRT) has uncovered a new campaign by the Chinese state-sponsored threat actor...

PasivRobber: In-Depth Analysis of Sophisticated macOS Malware GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

PasivRobber: In-Depth Analysis of Sophisticated macOS Malware

Do Son April 16, 2025

A recent discovery by Kandji’s research team has brought to light a sophisticated threat targeting macOS systems:...

Malicious npm Package Installs Reverse Shell via Payment Success Magento Credit Card Stealer npm package reverse shell

Malicious npm Package Installs Reverse Shell via Payment Success

Do Son April 16, 2025

A malicious npm package, disguised as a merchant integration for the Advcash payment platform, has been discovered...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Beware Fake PDF Converters: A Social Engineering Threat

Do Son April 16, 2025

In today’s digital age, online file converters have become indispensable tools for streamlining daily workflows. However, a...

BPFDoor Backdoor Used in Asia, Middle East Cyberespionage IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

BPFDoor Backdoor Used in Asia, Middle East Cyberespionage

Do Son April 16, 2025

A recent report by Trend Micro has uncovered a stealthy, state-sponsored backdoor called BPFDoor, which has been...

BRICKSTORM Backdoor Targets European Industries BRICKSTORM, Cyber Espionage

BRICKSTORM Backdoor Targets European Industries

Do Son April 16, 2025

In a recent technical expose, NVISO sheds light on BRICKSTORM, a stealthy espionage backdoor attributed to the...

ResolverRAT: New RAT Employs Advanced Evasion Techniques Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

ResolverRAT: New RAT Employs Advanced Evasion Techniques

Do Son April 15, 2025

A new remote access trojan (RAT) has emerged, and it’s armed with advanced techniques to evade detection....

Fake Font Domain Used in Credit Card Skimming Attack WordPress Backdoor

Fake Font Domain Used in Credit Card Skimming Attack

Do Son April 15, 2025

A recent investigation by Sucuri revealed a sophisticated credit card skimming attack on a WordPress website. The...

DAMASCENED PEACOCK: NCSC Uncovers Sophisticated Malware Targeting UK MOD Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

DAMASCENED PEACOCK: NCSC Uncovers Sophisticated Malware Targeting UK MOD

Do Son April 15, 2025

In a covert campaign targeting the UK Ministry of Defence, a sophisticated malware dubbed DAMASCENED PEACOCK has...

Slow Pisces Targets Crypto Developers with Deceptive Coding Challenges BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Slow Pisces Targets Crypto Developers with Deceptive Coding Challenges

Do Son April 14, 2025

In a recent cybersecurity report by Unit 42, a North Korean state-sponsored threat group known as Slow...

npm Malware Targets Atomic and Exodus Wallets to Steal Crypto Funds npm malware, crypto wallet attack

npm Malware Targets Atomic and Exodus Wallets to Steal Crypto Funds

Do Son April 14, 2025

The ReversingLabs (RL) research team has uncovered a sophisticated npm-based malware campaign in which a fake npm...

TROX Stealer: Urgency-Themed MaaS Malware Targets Consumer Data TROX Stealer, Malware-as-a-Service

TROX Stealer: Urgency-Themed MaaS Malware Targets Consumer Data

Do Son April 14, 2025

According to a new deep-dive analysis by the Sublime Threat Research Team, a new infostealer dubbed TROX...