Malware Archives • Page 62 of 129 • Daily CyberSecurity

Cracked Software: A Gateway to Malware and Data Theft ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Cracked Software: A Gateway to Malware and Data Theft

Do Son January 10, 2025

Trend Micro’s latest analysis sheds light on the growing menace of fake software installers and cracked applications,...

Stealthy Malware Hides in WordPress Database, Steals Payment Data Credit Card Skimmer

Stealthy Malware Hides in WordPress Database, Steals Payment Data

Do Son January 9, 2025

A new breed of credit card skimming malware has been discovered, targeting WordPress checkout pages with alarming...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Fake LDAPNightmare PoC Exploit Conceals Information-Stealing Malware

Do Son January 9, 2025

Trend Micro researchers have uncovered a dangerous fake proof-of-concept (PoC) exploit masquerading as an exploit for CVE-2024-49113,...

Malicious npm Packages Target Solana Developers, Stealing Private Keys via Gmail XCharge C6 vulnerabilities EV charger security flaws GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

XCharge C6 vulnerabilities EV charger security flaws GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

Malicious npm Packages Target Solana Developers, Stealing Private Keys via Gmail

Do Son January 9, 2025

Socket’s threat research team has uncovered a concerning campaign involving malicious npm packages designed to exfiltrate Solana...

Unmasking Play Ransomware: Tactics, Techniques, and Mitigation Strategies Play Ransomware Tactics

Unmasking Play Ransomware: Tactics, Techniques, and Mitigation Strategies

Do Son January 9, 2025

Play ransomware, also known as Balloonfly or PlayCrypt, has emerged as a significant cyber threat since its...

Malware Alert: Banshee Stealer Targets macOS Users macOS malware 2024 XCSSET

Malware Alert: Banshee Stealer Targets macOS Users

Do Son January 9, 2025

Cybersecurity researchers at Check Point Research (CPR) have identified a new and sophisticated version of the Banshee...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day Alert: UNC5337 Exploits Ivanti VPN Vulnerability CVE-2025-0282 for Espionage Operations

Do Son January 8, 2025

Ivanti Connect Secure (ICS) VPN appliances have become the focus of advanced threat actors, exploiting a newly...

“Gayfemboy” Botnet Leveraging 0-Day Exploit in Four-Faith Industrial Routers Gayfemboy botnet

“Gayfemboy” Botnet Leveraging 0-Day Exploit in Four-Faith Industrial Routers

Do Son January 7, 2025

XLab has released a report on the Gayfemboy botnet, a rapidly evolving threat leveraging a 0-day vulnerability...

Thousands of SonicWall Devices Remain Vulnerable to CVE-2024-40766 PyPI Packages Leak

Thousands of SonicWall Devices Remain Vulnerable to CVE-2024-40766

Do Son January 6, 2025

In September 2024, a critical vulnerability in SonicWall NSA devices, tracked as CVE-2024-40766, was disclosed. Since then,...

EAGERBEE: Advanced Backdoor Targets Middle Eastern ISPs and Government Entities EAGERBEE backdoor

EAGERBEE: Advanced Backdoor Targets Middle Eastern ISPs and Government Entities

Do Son January 6, 2025

Kaspersky Labs has uncovered a sophisticated cyberespionage campaign deploying the EAGERBEE backdoor to infiltrate internet service providers...

NonEuclid RAT—A Sophisticated Tool in the Cybercrime Arsenal Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

NonEuclid RAT—A Sophisticated Tool in the Cybercrime Arsenal

Do Son January 5, 2025

The NonEuclid Remote Access Trojan (RAT), detailed in a report by CYFIRMA, represents a significant evolution in...

CryptBot Infostealer Returns with Sophisticated Tactics for Initial Access PHP RCE vulnerability

CryptBot Infostealer Returns with Sophisticated Tactics for Initial Access

Do Son January 5, 2025

CryptBot, an information-stealing malware first detected in 2019, has resurfaced with advanced tactics to target unsuspecting victims....

Malicious Packages Weaponize OAST for Stealthy Data Exfiltration and Reconnaissance GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Malicious Packages Weaponize OAST for Stealthy Data Exfiltration and Reconnaissance

Do Son January 5, 2025

Researchers at Socket have uncovered a series of malicious campaigns exploiting Out-of-Band Application Security Testing (OAST) techniques....

Cybersecurity Alert: FireScam—The Android Malware Disguised as Telegram Premium BadBox 2.0, Android Botnet Alien spyware - CVE-2024-43093

Cybersecurity Alert: FireScam—The Android Malware Disguised as Telegram Premium

Do Son January 5, 2025

In an era where mobile applications dominate daily life, cybersecurity threats have reached unprecedented sophistication. A recent...

Beware! Fake EditThisCookie Extension Steals User Data

Do Son January 3, 2025

EditThisCookie, a browser extension with over 3 million downloads, primarily used for editing local cookie files, has...

Supply Chain Attack on Ethereum Developers via Malicious npm Packages npm Supply Chain Attack

Supply Chain Attack on Ethereum Developers via Malicious npm Packages

Do Son January 2, 2025

In a revelation by the Socket Research Team, Ethereum developers have been targeted in a sophisticated supply...

Project Quarantine: PyPI’s New Line of Defense Against Malware Project Quarantine PyPI Security Privilege Escalation

Project Quarantine: PyPI’s New Line of Defense Against Malware

Do Son January 2, 2025

In a significant stride toward enhancing security in the Python ecosystem, the Python Package Index (PyPI) has...

Unmasking Fraudulent Popularity: Study Exposes 4.5 Million Fake Stars on GitHub Screenshot 2025-01-02 170012

Unmasking Fraudulent Popularity: Study Exposes 4.5 Million Fake Stars on GitHub

Do Son January 2, 2025

In a study conducted by researchers from Carnegie Mellon University, North Carolina State University, and Socket, the...

From Fake Installers to Stolen Credentials: Decoding the LegionLoader Threat KongTuke Microsoft Teams Phishing ModeloRAT Initial Access Broker CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect