Malware Archives • Page 50 of 131 • Daily CyberSecurity

Aikido Uncovers Malicious Code in Popular npm Package rand-user-agent RAT

Aikido Uncovers Malicious Code in Popular npm Package rand-user-agent

Do Son May 8, 2025

Aikido Security has uncovered a Remote Access Trojan (RAT) embedded in rand-user-agent, a JavaScript package downloaded ~45,000...

Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors Lampion, ClickFix

Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors

Do Son May 8, 2025

Lampion, the banking malware first observed in 2019, has reemerged with new tricks. In a detailed analysis,...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

Do Son May 7, 2025

Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s...

Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120 GeoVision, Mirai

Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120

Do Son May 7, 2025

The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of two command injection vulnerabilities...

Gunra Ransomware: New Threat Analysis Reveals Evasion Tactics Gunra Ransomware, ransomware analysis

Gunra Ransomware: New Threat Analysis Reveals Evasion Tactics

Do Son May 7, 2025

CYFIRMA has released an in-depth analysis of a newly emerging cyber threat: Gunra Ransomware. This report details...

Massive E-commerce Supply Chain Attack Uncovered: Hundreds of Stores at Risk Supply Chain Attack, E-commerce Security

Massive E-commerce Supply Chain Attack Uncovered: Hundreds of Stores at Risk

Do Son May 6, 2025

The Sansec Forensics Team has uncovered a coordinated supply chain attack that has silently infected ecommerce infrastructure...

Venom Spider Evolves: Arctic Wolf Exposes More_eggs Campaign Targeting HR More_eggs, Venom Spider

Venom Spider Evolves: Arctic Wolf Exposes More_eggs Campaign Targeting HR

Do Son May 5, 2025

In a newly released analysis, Arctic Wolf Labs has documented a sophisticated phishing campaign orchestrated by the...

StealC V2: ThreatLabz Unveils the Evolution of a Stealthy Info-Stealer and Malware Loader StealC V2, Info-Stealer

StealC V2: ThreatLabz Unveils the Evolution of a Stealthy Info-Stealer and Malware Loader

Do Son May 5, 2025

In a comprehensive technical report, ThreatLabz has dissected the inner workings of StealC V2, a major upgrade...

Golden Chickens Unveils TerraStealerV2 and TerraLogger Malware TerraStealerV2, TerraLogger

Golden Chickens Unveils TerraStealerV2 and TerraLogger Malware

Do Son May 5, 2025

The Insikt Group at Recorded Future has detailed two newly discovered malware families linked to the infamous...

SocGholish Reloaded: Darktrace Uncovers Ransomware-Primed Loader Campaign SocGholish, RansomHub

SocGholish Reloaded: Darktrace Uncovers Ransomware-Primed Loader Campaign

Do Son May 5, 2025

In a recent report, Darktrace’s Threat Research team has detailed a sophisticated malware campaign involving the SocGholish...

MintsLoader Malware: Advanced Evasion Techniques Target Industrial Sector

Do Son May 4, 2025

In a deep-dive threat analysis published on April 29, 2025, Recorded Future’s Insikt Group exposed the complex...

Nebulous Mantis Cyber Espionage Group: RomCom RAT and Hybrid Tactics

Do Son May 3, 2025

A new threat intelligence report by PRODAFT details Nebulous Mantis, a Russian-speaking cyber espionage group operating under...

Malicious Python Packages Exploited Gmail as Covert Command-and-Control Channels Python malware, Gmail C2

Malicious Python Packages Exploited Gmail as Covert Command-and-Control Channels

Do Son May 2, 2025

In a detailed technical report, Socket’s Threat Research Team uncovered seven malicious Python packages published to the...

CAPTCHA to Command: Trustwave Uncovers Stealthy NodeJS Backdoor Campaign Fake captcha page

CAPTCHA to Command: Trustwave Uncovers Stealthy NodeJS Backdoor Campaign

Do Son May 1, 2025

Trustwave SpiderLabs has uncovered an evolving cyber threat that leverages deceptive CAPTCHA verifications to infect users with...

Gremlin Stealer Malware Targets Browsers, Crypto Wallets, and VPNs in Telegram-Based Campaign Gremlin Stealer, info-stealer malware

Gremlin Stealer Malware Targets Browsers, Crypto Wallets, and VPNs in Telegram-Based Campaign

Do Son May 1, 2025

Researchers at Palo Alto Networks’ Unit 42 have unveiled a new, actively developed malware strain dubbed Gremlin...

Outlaw Botnet Exploits Weak SSH to Hijack Linux Systems for Crypto Mining Outlaw botnet, Linux crypto mining

Outlaw Botnet Exploits Weak SSH to Hijack Linux Systems for Crypto Mining

Do Son May 1, 2025

While high-profile ransomware and state-backed APT groups often dominate headlines, it’s crucial not to overlook quieter yet...

Sophisticated Attacks Employ Cobalt Strike, DLL Sideloading, and Evolving Tactics

Do Son May 1, 2025

In a sophisticated campaign that spanned multiple regions and techniques, Sophos researchers uncovered a cluster of targeted...

Earth Kasha Refines Spear-Phishing Tactics in Espionage Campaign Targeting Taiwan and Japan Earth Kasha, Spear-Phishing

Earth Kasha Refines Spear-Phishing Tactics in Espionage Campaign Targeting Taiwan and Japan

Do Son May 1, 2025

In a renewed cyber-espionage campaign observed in March 2025, the notorious APT group Earth Kasha, believed to...

WordPress Malware Alert: Fake Anti-Malware Plugin Grants Admin Access and Executes Remote Code WordPress Malware Fake Plugin

WordPress Malware Alert: Fake Anti-Malware Plugin Grants Admin Access and Executes Remote Code

Do Son April 30, 2025

The Wordfence Threat Intelligence team has issued a critical warning about a sophisticated malware variant that is...

Hannibal Stealer Malware Targets Crypto Wallets, VPNs, and Browser Data Hannibal Stealer Info-Stealer Malware

Hannibal Stealer Malware Targets Crypto Wallets, VPNs, and Browser Data

Do Son April 30, 2025

A new cybersecurity threat is making waves across the dark web. Hannibal Stealer, identified by CYFIRMA researchers,...