Malware Archives • Page 6 of 131 • Daily CyberSecurity

PamDOORa Backdoor Targets Linux PAM Stack to Steal Passwords and Wipe Logs PamDOORa Linux Backdoor PAM Stack Credential Harvesting

PamDOORa Backdoor Targets Linux PAM Stack to Steal Passwords and Wipe Logs

Do Son May 12, 2026

In the enterprise world, Linux servers are the bedrock of cloud environments and critical infrastructure. To protect...

APT37’s New “Python-in-a-Cat” Malware Uses Environment Variable Obfuscation APT37 Phishing Campaign Python Malware Obfuscation

APT37’s New “Python-in-a-Cat” Malware Uses Environment Variable Obfuscation

Do Son May 12, 2026

In the world of cyberespionage, familiarity can be a fatal mistake for defenders. Just as security teams...

“Lorem Ipsum” Loader Weaponizing Microsoft Teams via SEO Poisoning Lorem Ipsum Malware Microsoft Teams SEO Poisoning

“Lorem Ipsum” Loader Weaponizing Microsoft Teams via SEO Poisoning

Do Son May 12, 2026

A new and operationally disciplined threat actor has emerged, demonstrating just how quickly a “mid-tier” criminal group...

Vidar Stealer Weaponizes AutoIt and Masqueraded Scripts Vidar Stealer AutoIt File Extension Masquerading

Vidar Stealer Weaponizes AutoIt and Masqueraded Scripts

Do Son May 12, 2026

Threat actors are increasingly abandoning loud, easily identifiable malware in favor of subtle, script-based deceptions. A new...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Supply Chain Siege: 84 TanStack Packages Compromised to Steal GitHub Secrets

Do Son May 12, 2026

The software supply chain has just weathered another high-impact assault. The Socket Threat Research team has uncovered...

Tactical Misdirection: The “Hologram” Malware Framework Hijacking AI Enthusiasts Hologram Malware Framework OpenClaw Malvertising

Tactical Misdirection: The “Hologram” Malware Framework Hijacking AI Enthusiasts

Do Son May 11, 2026

Netskope Threat Labs has recently uncovered a sophisticated, multi-wave campaign that has evolved from a simple credential...

The “JobStealer” Trojan Hijacking Crypto Wallets via Fake Meetings JobStealer Trojan Crypto Wallet Theft

The “JobStealer” Trojan Hijacking Crypto Wallets via Fake Meetings

Do Son May 11, 2026

The job market is tough enough without a scheduled interview turning into a devastating cyber heist. According...

The Claude AI Trap: Sophos Uncovers Undocumented Backdoor Hiding in Fake “Pro” Lure Claude AI Malware DonutLoader Backdoor

The Claude AI Trap: Sophos Uncovers Undocumented Backdoor Hiding in Fake “Pro” Lure

Do Son May 11, 2026

As the popularity of generative AI tools soars, cybercriminals are increasingly capitalizing on the hype to deploy...

Fileless Python Malware Uses Humanitarian Lures to Deploy Full-Spectrum Surveillance Python Cyberespionage Fileless Malware

Fileless Python Malware Uses Humanitarian Lures to Deploy Full-Spectrum Surveillance

Do Son May 11, 2026

According to the latest intelligence from Cyble Research and Intelligence Labs (CRIL), threat actors are actively demonstrating...

Trust Hijacked: Official JDownloader Website Breached to Distribute Malicious Installers JDownloader Breach Supply Chain Attack

Trust Hijacked: Official JDownloader Website Breached to Distribute Malicious Installers

Do Son May 9, 2026

When millions of users rely on a popular utility, the implicit trust placed in its official download...

New “ClickFix” Campaign Bypasses Gatekeeper to Hijack macOS Devices macOS ClickFix Campaign Terminal Infostealer

New “ClickFix” Campaign Bypasses Gatekeeper to Hijack macOS Devices

Do Son May 9, 2026

For years, macOS users have relied on community forums, Medium articles, and tech blogs to solve everyday...

Self-Spreading TCLBANKER Trojan Hijacks WhatsApp to Drain Accounts TCLBANKER Trojan REF3076 Malware

Self-Spreading TCLBANKER Trojan Hijacks WhatsApp to Drain Accounts

Do Son May 8, 2026

Elastic Security Labs has uncovered a highly sophisticated Brazilian banking trojan dubbed TCLBANKER, tracked under the campaign...

Highly Evasive NuGet Supply Chain Attack Hijacks 65,000 .NET Build Servers NuGet Supply Chain Attack .NET Malware

Highly Evasive NuGet Supply Chain Attack Hijacks 65,000 .NET Build Servers

Do Son May 8, 2026

A highly sophisticated software supply chain attack has compromised tens of thousands of developer workstations and CI/CD...

The InstallFix Trap: Fake Claude AI Google Ads Drop Fileless RedLine Malware on Developers InstallFix Malware Claude AI Phishing

The InstallFix Trap: Fake Claude AI Google Ads Drop Fileless RedLine Malware on Developers

Do Son May 8, 2026

A sophisticated new campaign, dubbed InstallFix, is currently targeting professionals searching for Anthropic’s Claude AI tools. By...

OceanLotus Hijacks PyPI to Deploy “ZiChatBot” via Enterprise Chat APIs Acreed Infostealer, BNB Smart Chain CVE-2023-20269 exploit

OceanLotus Hijacks PyPI to Deploy “ZiChatBot” via Enterprise Chat APIs

Do Son May 7, 2026

In a calculated move that signals the expansion of state-sponsored threats into open-source repositories, researchers at Kaspersky...

Deceptive “DeepSeek-Claw” Skill Hijacks OpenClaw Agents to Steal Credentials OpenClaw Framework Malware DeepSeek-Claw AI Skill

Deceptive “DeepSeek-Claw” Skill Hijacks OpenClaw Agents to Steal Credentials

Do Son May 7, 2026

Security researchers at Zscaler ThreatLabz have uncovered a deceptive campaign targeting the OpenClaw framework—an open-source tool designed...

New “Pheno” Malware Hijacks Microsoft Phone Link to Steal SMS and OTPs NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

New “Pheno” Malware Hijacks Microsoft Phone Link to Steal SMS and OTPs

Do Son May 7, 2026

Security researchers at Cisco Talos have uncovered a sophisticated campaign that allows attackers to steal SMS messages...

New Quasar Linux (QLNX) RAT Hijacks Cloud Keys and NPM Tokens Quasar Linux RAT Supply Chain Hijacking

New Quasar Linux (QLNX) RAT Hijacks Cloud Keys and NPM Tokens

Do Son May 6, 2026

A previously undocumented Linux remote access trojan (RAT) has been exposed for its surgical precision in targeting...

Cisco Talos Unmasks UAT-8302’s Global Government Espionage Network UAT-8302 APT NetDraft Malware

Cisco Talos Unmasks UAT-8302’s Global Government Espionage Network

Do Son May 6, 2026

Cisco Talos has exposured the curtain on UAT-8302, a sophisticated, China-nexus advanced persistent threat (APT) group that...

DAEMON Tools Supply Chain Attack QUIC RAT Malware

Trojanized Tools: DAEMON Tools Supply Chain Attack Compromises Global Systems

Do Son May 6, 2026

Kaspersky has uncovered a sophisticated supply chain attack targeting DAEMON Tools, the widely used disk imaging software....