Malware Archives • Page 54 of 131 • Daily CyberSecurity

Malicious VSCode Extensions Caught Mining Crypto with XMRig VSCode extensions, cryptomining

Malicious VSCode Extensions Caught Mining Crypto with XMRig

Do Son April 9, 2025

Visual Studio Code, Microsoft’s open-source and freely available code editor, offers a marketplace for a vast array...

New Ransomware Tactics & Tools: An In-Depth Analysis of Emerging Threats ransomware 2025

New Ransomware Tactics & Tools: An In-Depth Analysis of Emerging Threats

Do Son April 8, 2025

The digital landscape continues to be challenged by the persistent and evolving threat of ransomware. Organizations worldwide...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

TVT DVRs Under Siege: Massive Exploitation Attempts Expose Critical Flaw

Do Son April 8, 2025

A significant surge in malicious cyber activity has been detected, raising alarms for organizations utilizing TVT NVMS9000...

Lazarus Group Expands Malicious Campaign on npm, Targets Developers with New Malware

Do Son April 7, 2025

A new report from the Socket Research Team reveals that North Korean threat actors, known for the...

New Evasive Campaign Uses Fake CAPTCHAs to Deliver LegionLoader verity

New Evasive Campaign Uses Fake CAPTCHAs to Deliver LegionLoader

Do Son April 7, 2025

Netskope Threat Labs has uncovered a new malicious campaign that employs deceptive tactics to distribute the LegionLoader...

RolandSkimmer: New Wave of Credit Card Skimming Attacks

Do Son April 4, 2025

Web-based credit card skimming remains a persistent and evolving threat, and FortiGuard Labs has recently uncovered a...

Carding Automation: Malicious PyPI Package Threatens Stores Carding attacks

Carding Automation: Malicious PyPI Package Threatens Stores

Do Son April 4, 2025

A recently discovered malicious Python package on the Python Package Index (PyPI) named “disgrasya” has been found...

Beware the Bait: BeaverTail and Tropidoor Malware Lurk in Recruitment Emails WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Beware the Bait: BeaverTail and Tropidoor Malware Lurk in Recruitment Emails

Do Son April 4, 2025

A recent analysis by the AhnLab Security Intelligence Center (ASEC) has uncovered a particularly insidious campaign involving...

Outlaw Linux Malware: Persistent Threat Leveraging Simplicity

Do Son April 3, 2025

Elastic Security Labs has published an analysis on the Outlaw Linux malware, describing it as a persistent...

DLL Sideloading Exposed: TookPS Hides with TeamViewer TookPS downloader

DLL Sideloading Exposed: TookPS Hides with TeamViewer

Do Son April 3, 2025

Kaspersky Labs has released a report detailing the activities of the TookPS downloader, a malware strain initially...

Qilin Ransomware Attack Exploits MSP Vulnerability to Target Downstream Customers

Do Son April 3, 2025

In a recent cybersecurity incident, Qilin ransomware affiliates successfully compromised a Managed Service Provider (MSP) by exploiting...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Gootloader Returns with Fake Legal Document Lure via Google Ads

Do Son April 2, 2025

The Gootloader malware has resurfaced with a fresh campaign that blends old-school social engineering with modern ad-based...

HijackLoader Evolves: New Modules Bring Stealth, Persistence, and Advanced VM Evasion HijackLoader Evasion Tactics

HijackLoader Evolves: New Modules Bring Stealth, Persistence, and Advanced VM Evasion

Do Son April 2, 2025

Originally discovered in 2023, HijackLoader—also known as IDAT Loader or GHOSTPULSE—has returned with a series of stealthy...

PostgreSQL Servers Hacked: 1,500+ Cloud Systems Mining Crypto via CPU_HU Exploit Jupyter Notebooks

PostgreSQL Servers Hacked: 1,500+ Cloud Systems Mining Crypto via CPU_HU

Do Son April 2, 2025

A new report from Wiz Threat Research reveals a rapidly evolving malware campaign that has silently infected...

SmokeLoader Malware Deployed in Stealthy Campaign Targeting Major Banks SmokeLoader campaign

SmokeLoader Malware Deployed in Stealthy Campaign Targeting Major Banks

Do Son April 2, 2025

In a recent campaign targeting First Ukrainian International Bank (pumb[.]ua), G DATA security researchers uncovered a deeply...

Browser Cache Smuggling 2.0: How Attackers Weaponize the Web to Deliver Stealthy Malware

Do Son April 1, 2025

More than a year after first revealing a novel method for delivering malware via browser cache, researchers...

KoiLoader Reloaded: New Variant Uses LNK Abuse, Script Chains, and PowerShell to Deliver Stealer Payload KoiLoader - KoiStealer

KoiLoader Reloaded: New Variant Uses LNK Abuse, Script Chains, and PowerShell to Deliver Stealer Payload

Do Son April 1, 2025

eSentire’s Threat Response Unit (TRU) has detected an intrusion attempt involving a new version of KoiLoader, a...

Konni RAT Resurfaces: North Korean Espionage Malware Evolves with Stealth and Persistence North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Konni RAT Resurfaces: North Korean Espionage Malware Evolves with Stealth and Persistence

Do Son April 1, 2025

Cyfirma’s recent analysis sheds light on Konni RAT, a sophisticated Remote Access Trojan (RAT) targeting Windows systems....

Android Under Attack: Crocodilus Trojan Captures OTPs from Google Authenticator Crocodilus malware

Android Under Attack: Crocodilus Trojan Captures OTPs from Google Authenticator

Do Son April 1, 2025

The mobile threat landscape is constantly evolving, with new and sophisticated malware strains emerging to target vulnerable...

Fake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends with BlackSuit Ransomware Blast INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Fake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends with BlackSuit Ransomware Blast

Do Son March 31, 2025

In a meticulously orchestrated cyberattack, a threat actor leveraged a malicious Zoom download to infiltrate a corporate...