Malware Archives • Page 60 of 129 • Daily CyberSecurity

From Victim Profiles to Data Leaks: Inside the Lynx Ransomware-as-a-Service Ecosystem

Do Son January 29, 2025

A new report by Group-IB has unveiled the sophisticated operations of Lynx Ransomware-as-a-Service (RaaS), a criminal network...

WhatsApp Phishing Campaign Targets SBI Bank Users with Malicious App

Do Son January 29, 2025

Cybercriminals are once again exploiting social engineering tactics to trick unsuspecting users into installing malicious Android applications....

Cyberattackers Unleash LockBit Ransomware Using Cobalt Strike and Proxy Tools LockBit Ransomware Cobalt Strike

Cyberattackers Unleash LockBit Ransomware Using Cobalt Strike and Proxy Tools

Do Son January 28, 2025

A recent investigation by The DFIR Report unveiled a sophisticated ransomware operation leveraging Cobalt Strike beacons and...

Over 18,000 Devices Compromised in XWorm RAT Builder Campaign XWorm Remote Access Trojan

Over 18,000 Devices Compromised in XWorm RAT Builder Campaign

Do Son January 28, 2025

A trojanized version of the XWorm Remote Access Trojan (RAT) builder has been weaponized and is being...

Akira Ransomware Adapts to Target Linux and VMware ESXi Servers Akira RaaS

Akira Ransomware Adapts to Target Linux and VMware ESXi Servers

Do Son January 27, 2025

Akira, a Ransomware-as-a-Service (RaaS) group, has quickly become one of the most active ransomware operators in recent...

Lumma Stealer MaaS: Clipboard Hijacking and LOLBins Used in Latest Campaign Lumma Stealer model

Lumma Stealer MaaS: Clipboard Hijacking and LOLBins Used in Latest Campaign

Do Son January 26, 2025

A new malware campaign leveraging the Lumma Stealer malware-as-a-service (MaaS) model has been uncovered by Netskope Threat...

Lazarus Group Deploys Electron-Based Malware to Target Cryptocurrency Enthusiasts Lazarus Group Electron Malware

Lazarus Group Deploys Electron-Based Malware to Target Cryptocurrency Enthusiasts

Do Son January 26, 2025

The APT-C-26 group, commonly known as Lazarus, has intensified its campaigns, focusing on cryptocurrency professionals worldwide. A...

Zyxel Vulnerability Exploited by Helldown Ransomware Group

Do Son January 26, 2025

The YIR Team (Yarix Incident Response Team), led by incident responder Claudio Vozza, has detailed a recent...

Sophisticated J-Magic Backdoor Evades Detection on Juniper Routers J-Magic backdoor campaign

Sophisticated J-Magic Backdoor Evades Detection on Juniper Routers

Do Son January 26, 2025

The Black Lotus Labs team at Lumen Technologies has revealed a sophisticated backdoor campaign, dubbed “J-Magic,” targeting...

HellCat and Morpheus: Ransomware Affiliates Using Identical Payloads to Escalate Attacks HellCat & Morpheus ransomware

HellCat and Morpheus: Ransomware Affiliates Using Identical Payloads to Escalate Attacks

Do Son January 25, 2025

Over the past six months, ransomware activity has surged, with new operations like HellCat and Morpheus making...

QBot Resurfaces: New BackConnect Malware Signals a Dangerous Evolution

Do Son January 25, 2025

QBot, also known as Qakbot or Pinkslipbot, has made a significant comeback, with researchers uncovering a new...

Lumma Stealer Malware Now Using ChaCha20 Cipher for Evasion

Do Son January 24, 2025

eSentire’s Threat Response Unit (TRU) has identified a new tactic employed by the developers of the Lumma...

Malicious VS Code Extension Masquerades as Zoom to Steal Chrome Cookies

Do Son January 23, 2025

A recent investigation by Hunt.io has unveiled a concerning campaign targeting software developers through malicious Visual Studio...

Donot APT Group Targets Android Devices with Malicious Chat Apps Donot APT Group - Android zero-day

Donot APT Group Targets Android Devices with Malicious Chat Apps

Do Son January 23, 2025

The research team at CYFIRMA has uncovered an alarming Android malware campaign attributed to the Indian advanced...

CVE-2024-7029 and CVE-2017-17215 Exploited in Latest Murdoc Botnet Attacks FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

CVE-2024-7029 and CVE-2017-17215 Exploited in Latest Murdoc Botnet Attacks

Do Son January 23, 2025

The Qualys Threat Research Unit has unveiled an extensive campaign involving a new variant of the infamous...

Stealthy and Persistent: New Ransomware Tactics Target VMware ESXi SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

Stealthy and Persistent: New Ransomware Tactics Target VMware ESXi

Do Son January 23, 2025

Sygnia’s latest report reveals the evolving tactics of ransomware groups targeting VMware ESXi appliances. By exploiting these...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Purrglar: Emerging Stealer Targets Chrome and Exodus Wallet Data on macOS

Do Son January 22, 2025

Kandji’s Threat Research team has uncovered a potential new macOS stealer named “Purrglar.” This malware, uploaded to...

400,000+ Systems Infected: DigitalPulse Proxyware Returns with New Tricks DigitalPulse Proxyware malware

400,000+ Systems Infected: DigitalPulse Proxyware Returns with New Tricks

Do Son January 21, 2025

A recent report from the AhnLab Security Intelligence Center (ASEC) detailed the spread of DigitalPulse proxyware via...

Black Myth: Wukong DDoS Attackers Return with New AIRASHI Botnet AISURU botnet, known as AIRASHI

Black Myth: Wukong DDoS Attackers Return with New AIRASHI Botnet

Do Son January 21, 2025

The threat actors behind a series of distributed denial-of-service (DDoS) attacks targeting the distribution platforms of the...

ModiLoader Malware Leveraging CAB Header Batch Files to Evade Detection SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

ModiLoader Malware Leveraging CAB Header Batch Files to Evade Detection

Do Son January 21, 2025

The AhnLab Security Intelligence Center (ASEC) warns a novel malware distribution tactic involving the use of Microsoft...