Malware Archives • Page 61 of 129 • Daily CyberSecurity

Homebrew Phishing Site Appears in Google Search, Raising Concerns

Do Son January 21, 2025

In a recent discovery, a phishing website targeting Homebrew, an open-source package manager for macOS, was found...

Top 3 Malware Targeting Businesses in the Last 12 Months Top Malware

Top 3 Malware Targeting Businesses in the Last 12 Months

Do Son January 21, 2025

The cybersecurity trends are constantly shifting, and 2024 was no exception. Attackers found new ways to target...

Gootloader Malware Expands Its Reach with Advanced Social Engineering and SEO Poisoning

Do Son January 20, 2025

Sophos X-Ops has released an in-depth analysis of the notorious Gootloader malware family, highlighting its use of...

MintsLoader Campaign Targets Critical Sectors with Sophisticated Malware Delivery StealC operator panel

MintsLoader Campaign Targets Critical Sectors with Sophisticated Malware Delivery

Do Son January 20, 2025

The eSentire Threat Response Unit (TRU) has uncovered a new malware campaign leveraging a tool called MintsLoader...

Silver Fox APT Targets Organizations with PNGPlug and ValleyRAT Malware WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

Silver Fox APT Targets Organizations with PNGPlug and ValleyRAT Malware

Do Son January 20, 2025

A sophisticated cyber-espionage campaign targeting organizations across China, Hong Kong, and Taiwan has been uncovered by Intezer’s...

Malicious PyPI Package Targets Discord Developers with Token Theft and Backdoor Exploit Malicious Discord PyPI Package

Malicious PyPI Package Targets Discord Developers with Token Theft and Backdoor Exploit

Do Son January 19, 2025

The Socket research team has identified a malicious Python package on PyPI named pycord-self, targeting developers working...

Black Basta Exploits Microsoft Teams for Phishing Attacks SloppyLemming

Black Basta Exploits Microsoft Teams for Phishing Attacks

Do Son January 19, 2025

NVISO Labs has uncovered a sophisticated phishing campaign attributed to the ransomware group Black Basta, leveraging Microsoft...

IoT Botnet Fuels Large-Scale DDoS Attacks Targeting Global Organizations

Do Son January 19, 2025

A newly discovered IoT botnet has been linked to a series of large-scale distributed denial-of-service (DDoS) attacks...

Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique

Do Son January 18, 2025

North Korea’s notorious Lazarus APT group has been observed employing advanced social engineering tactics in a campaign...

“PlugX” Malware Deleted from Thousands of Computers in Global Operation Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

“PlugX” Malware Deleted from Thousands of Computers in Global Operation

Do Son January 14, 2025

In a decisive move against Chinese state-sponsored cyber espionage, the U.S. Department of Justice (DOJ) and FBI,...

Malicious npm Packages Exploit Developer Tools with Hidden Kill Switch

Do Son January 14, 2025

A recent report by researchers at Socket reveals a concerning supply chain attack targeting popular Node.js libraries,...

Over 5,000 WordPress Sites Infected in WP3.XYZ Malware Attack

Do Son January 14, 2025

A widespread malware campaign has been uncovered, targeting over 5,000 WordPress websites globally. The campaign, traced back...

Multi-Layered Attack: Formbook Stealer Bypasses Detection with Memory-Based Execution macOS malware 2024 XCSSET

Multi-Layered Attack: Formbook Stealer Bypasses Detection with Memory-Based Execution

Do Son January 14, 2025

Seqrite Lab recently uncovered a sophisticated phishing campaign leveraging old payloads to deploy the infamous Formbook stealer....

Kernel Modules and Malicious Commands: Anatomy of the sysinitd Rootkit

Do Son January 13, 2025

The FortiGuard Incident Response (FGIR) team has conducted a comprehensive analysis of a sophisticated Linux rootkit, shedding...

APT28’s New Espionage Campaign Uses Double-Tap Infection Chain BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

APT28’s New Espionage Campaign Uses Double-Tap Infection Chain

Do Son January 13, 2025

In a recent revelation, security researchers Amaury G., Maxime A., Erwan Chevalier, Felix Aimé, and Sekoia TDR...

LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing

Do Son January 13, 2025

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have unveiled a sophisticated distribution tactic for the LummaC2...

HexaLocker V2: Ransomware Reborn with Advanced Tactics ransom

HexaLocker V2: Ransomware Reborn with Advanced Tactics

Do Son January 12, 2025

On August 9, 2024, the HexaLocker ransomware group unveiled a new variant of their infamous malware on...

RedDelta Leverages PlugX Backdoor in State-Sponsored Espionage Campaigns Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

RedDelta Leverages PlugX Backdoor in State-Sponsored Espionage Campaigns

Do Son January 12, 2025

A recent report by Insikt Group reveals an ongoing, sophisticated cyber-espionage operation by the RedDelta advanced persistent...

RedCurl APT Group: Cyber Espionage with Living-Off-the-Land Techniques WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware