Malware Archives • Page 51 of 131 • Daily CyberSecurity

Weaponized Uyghur Language Software: Citizen Lab Uncovers Targeted Malware Campaign Microsoft Office, CVE-2017-11882

Weaponized Uyghur Language Software: Citizen Lab Uncovers Targeted Malware Campaign

Do Son April 29, 2025

In a new report, researchers at Citizen Lab have exposed a spearphishing campaign targeting senior members of...

Fog Ransomware Group Exposed: Inside the Tools, Tactics, and Victims of a Stealthy Threat Fog Ransomware, Sliver C2

Fog Ransomware Group Exposed: Inside the Tools, Tactics, and Victims of a Stealthy Threat

Do Son April 29, 2025

In a new investigation, The DFIR Report’s Threat Intel Group has shed light on the growing operations...

Fake GIF and Reverse Proxy Used in Sophisticated Card Skimming Attack on Magento Reverse Proxy Skimming, Fake GIF Malware

Fake GIF and Reverse Proxy Used in Sophisticated Card Skimming Attack on Magento

Do Son April 29, 2025

In a deep-dive analysis released by Ben Martin, a security analyst at Sucuri, researchers revealed a remarkably...

Triada Trojan Evolves: Pre-Installed Android Malware Now Embedded in Device Firmware

Do Son April 29, 2025

In a newly released report, Kaspersky Labs warns of an alarming evolution in the Triada Trojan, a...

Earth Kurma APT Targets Southeast Asia with Stealthy Cyberespionage Earth Kurma, Southeast Asia APT

Earth Kurma APT Targets Southeast Asia with Stealthy Cyberespionage

Do Son April 29, 2025

In a newly released report, Trend Research has unveiled the operations of an advanced persistent threat (APT)...

Discord Used as C2 for Stealthy Python-Based RAT Discord RAT, Python malware

Discord Used as C2 for Stealthy Python-Based RAT

Do Son April 29, 2025

In a detailed report by Cyfirma, researchers have uncovered a Python-based Remote Access Trojan (RAT) that leverages...

Critical Flaw Exposes Linux Security Blind Spot: io_uring Bypasses Detection io_uring vulnerability, Linux runtime security

Critical Flaw Exposes Linux Security Blind Spot: io_uring Bypasses Detection

Do Son April 28, 2025

ARMO researchers have uncovered a critical weakness in Linux runtime security tools, revealing how the io_uring interface...

SocGholish and RansomHub: Sophisticated Attack Campaign Targeting Corporate Networks SocGholish, RansomHub

SocGholish and RansomHub: Sophisticated Attack Campaign Targeting Corporate Networks

Do Son April 28, 2025

The eSentire’s Threat Response Unit (TRU) discovered a sophisticated cyberattack campaign linking SocGholish (also known as FakeUpdates)...

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio

Do Son April 28, 2025

Threat analysts at Silent Push have uncovered a new campaign orchestrated by the North Korean state-sponsored APT...

Lazarus Group’s “Operation SyncHole” Targets South Korean Industries Lazarus Group, Cyber Espionage Operation SyncHole

Lazarus Group’s “Operation SyncHole” Targets South Korean Industries

Do Son April 27, 2025

Kaspersky Labs has recently revealed a major cyber-espionage campaign conducted by the Lazarus group, dubbed “Operation SyncHole.”...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

Do Son April 26, 2025

A newly published report by Yuma Masubuchi from the JPCERT Coordination Center (JPCERT/CC) has uncovered the deployment...

Lumma Stealer: Advanced Obfuscation and Evasion Techniques Analysis Lumma Stealer InfoStealer

Lumma Stealer: Advanced Obfuscation and Evasion Techniques Analysis

Do Son April 25, 2025

Lumma Stealer, a prevalent threat since its emergence in 2022, continues to evolve its tactics to evade...

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics Kimsuky Group PebbleDash Malware

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics

Do Son April 25, 2025

A recent report by the AhnLab Security intelligence Center (ASEC) has uncovered the latest tactics employed by...

ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware ToyMaker Initial Access Broker Ransomware

ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware

Do Son April 25, 2025

Cisco Talos’ 2023 incident response report unveils the operations of “ToyMaker,” a financially motivated Initial Access Broker...

FormBook Malware Spreads via Sophisticated Phishing Attack FormBook CVE-2017-11882

FormBook Malware Spreads via Sophisticated Phishing Attack

Do Son April 24, 2025

A new phishing campaign distributing the FormBook infostealer malware has been uncovered by Fortinet’s FortiGuard Labs, targeting...

WormLocker Ransomware Reemerges with Updated Variants

Do Son April 24, 2025

The WormLocker ransomware, first identified in 2021, is evolving. Thanks to recent analysis in the ANY.RUN sandbox,...

Unveiling a Multi-Stage Malware Attack: Cloudflare Abuse and AsyncRAT Delivery Infection chains distributing AsyncRAT

Unveiling a Multi-Stage Malware Attack: Cloudflare Abuse and AsyncRAT Delivery

Do Son April 23, 2025

In a detailed report by the Sekoia Threat Detection & Research (TDR) team, researchers have unveiled a...

Malicious Packages Stealing Crypto Credentials: A Warning for Developers npm package, crypto drainer Malicious Packages Cryptocurrency Theft

npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious Packages Stealing Crypto Credentials: A Warning for Developers

Do Son April 23, 2025

The Socket Threat Research Team has exposed three malicious open-source packages masquerading as developer tools — designed...

Lumma Stealer: Unpacking Its Evasive Tactics and Complex Infection Chains Lumma Stealer Malware Distribution

Lumma Stealer: Unpacking Its Evasive Tactics and Complex Infection Chains

Do Son April 23, 2025

The cybercriminal landscape is constantly evolving, with Malware-as-a-Service (MaaS) lowering the bar for entry and information stealers...

Sophisticated Backdoor Attack Targets ViPNet Networks Backdoor ViPNet

Sophisticated Backdoor Attack Targets ViPNet Networks

Do Son April 22, 2025

In a recent cybersecurity incident, a sophisticated backdoor targeting large organizations in Russia has been uncovered. The...