Malware Archives • Page 53 of 130 • Daily CyberSecurity

HijackLoader Evolves: New Modules Bring Stealth, Persistence, and Advanced VM Evasion HijackLoader Evasion Tactics

HijackLoader Evolves: New Modules Bring Stealth, Persistence, and Advanced VM Evasion

Do Son April 2, 2025

Originally discovered in 2023, HijackLoader—also known as IDAT Loader or GHOSTPULSE—has returned with a series of stealthy...

PostgreSQL Servers Hacked: 1,500+ Cloud Systems Mining Crypto via CPU_HU Exploit Jupyter Notebooks

PostgreSQL Servers Hacked: 1,500+ Cloud Systems Mining Crypto via CPU_HU

Do Son April 2, 2025

A new report from Wiz Threat Research reveals a rapidly evolving malware campaign that has silently infected...

SmokeLoader Malware Deployed in Stealthy Campaign Targeting Major Banks SmokeLoader campaign

SmokeLoader Malware Deployed in Stealthy Campaign Targeting Major Banks

Do Son April 2, 2025

In a recent campaign targeting First Ukrainian International Bank (pumb[.]ua), G DATA security researchers uncovered a deeply...

Browser Cache Smuggling 2.0: How Attackers Weaponize the Web to Deliver Stealthy Malware

Do Son April 1, 2025

More than a year after first revealing a novel method for delivering malware via browser cache, researchers...

KoiLoader Reloaded: New Variant Uses LNK Abuse, Script Chains, and PowerShell to Deliver Stealer Payload KoiLoader - KoiStealer

KoiLoader Reloaded: New Variant Uses LNK Abuse, Script Chains, and PowerShell to Deliver Stealer Payload

Do Son April 1, 2025

eSentire’s Threat Response Unit (TRU) has detected an intrusion attempt involving a new version of KoiLoader, a...

Konni RAT Resurfaces: North Korean Espionage Malware Evolves with Stealth and Persistence North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Konni RAT Resurfaces: North Korean Espionage Malware Evolves with Stealth and Persistence

Do Son April 1, 2025

Cyfirma’s recent analysis sheds light on Konni RAT, a sophisticated Remote Access Trojan (RAT) targeting Windows systems....

Android Under Attack: Crocodilus Trojan Captures OTPs from Google Authenticator Crocodilus malware

Android Under Attack: Crocodilus Trojan Captures OTPs from Google Authenticator

Do Son April 1, 2025

The mobile threat landscape is constantly evolving, with new and sophisticated malware strains emerging to target vulnerable...

Fake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends with BlackSuit Ransomware Blast INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Fake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends with BlackSuit Ransomware Blast

Do Son March 31, 2025

In a meticulously orchestrated cyberattack, a threat actor leveraged a malicious Zoom download to infiltrate a corporate...

SHELBY Malware Abuses GitHub for Control and Data Theft

Do Son March 31, 2025

Elastic Security Labs has uncovered a sophisticated malware family—dubbed SHELBY—that combines GitHub-based C2 infrastructure, anti-analysis techniques, and...

Warning: Discord’s API Exploited for Malicious Takeover Discord RAT

Warning: Discord’s API Exploited for Malicious Takeover

Do Son March 31, 2025

A new report from CYFIRMA reveals that cybercriminals are increasingly exploiting Discord, the popular communication and gaming...

Python-Powered Triton RAT Exfiltrates Data via Telegram and Evades Analysis

Do Son March 31, 2025

Cado Security Labs has identified a Python-based Remote Access Tool (RAT) named Triton RAT. This open-source RAT...

GPU-Powered Evasion: Unpacking the Sophisticated CoffeeLoader Malware KTLVdoor backdoor - CoffeeLoader Malware

GPU-Powered Evasion: Unpacking the Sophisticated CoffeeLoader Malware

Do Son March 31, 2025

Zscaler ThreatLabz has recently uncovered a new and sophisticated malware family named CoffeeLoader, which emerged around September...

PJobRAT’s Evolution: New Campaign Steals Data from Android Screenshots from the interface of the malicious SaangalLite app

PJobRAT’s Evolution: New Campaign Steals Data from Android

Do Son March 30, 2025

In 2021, PJobRAT, an Android Remote Access Trojan (RAT), was identified targeting Indian military personnel by disguising...

CISA Warns of RESURGE Malware: Exploiting Ivanti Vulnerability NTLM Vulnerabilities, CVE-2024-43451 CVE-2024-37361 - RESURGE Malware

CISA Warns of RESURGE Malware: Exploiting Ivanti Vulnerability

Do Son March 29, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has released a Malware Analysis Report (MAR) detailing a newly...

Malware on npm “Patches” Local Packages with Reverse Shell npm reverse shell

Malware on npm “Patches” Local Packages with Reverse Shell

Do Son March 28, 2025

A recent report by ReversingLabs (RL) has uncovered malicious packages on the npm repository that employ sophisticated...

SnakeKeylogger: Stealthy Malware Targets Credentials in Sophisticated Attacks

Do Son March 28, 2025

A new report from Seqrite Labs details a malicious campaign employing SnakeKeylogger, an info-stealing malware known for...

ReaderUpdate Malware Evolves: macOS Loader Resurfaces with Go-Based Variants GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber