Malware Archives • Page 64 of 131 • Daily CyberSecurity

Kernel Modules and Malicious Commands: Anatomy of the sysinitd Rootkit

Do Son January 13, 2025

The FortiGuard Incident Response (FGIR) team has conducted a comprehensive analysis of a sophisticated Linux rootkit, shedding...

APT28’s New Espionage Campaign Uses Double-Tap Infection Chain BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

APT28’s New Espionage Campaign Uses Double-Tap Infection Chain

Do Son January 13, 2025

In a recent revelation, security researchers Amaury G., Maxime A., Erwan Chevalier, Felix Aimé, and Sekoia TDR...

LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing

Do Son January 13, 2025

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have unveiled a sophisticated distribution tactic for the LummaC2...

HexaLocker V2: Ransomware Reborn with Advanced Tactics ransom

HexaLocker V2: Ransomware Reborn with Advanced Tactics

Do Son January 12, 2025

On August 9, 2024, the HexaLocker ransomware group unveiled a new variant of their infamous malware on...

RedDelta Leverages PlugX Backdoor in State-Sponsored Espionage Campaigns Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

RedDelta Leverages PlugX Backdoor in State-Sponsored Espionage Campaigns

Do Son January 12, 2025

A recent report by Insikt Group reveals an ongoing, sophisticated cyber-espionage operation by the RedDelta advanced persistent...

RedCurl APT Group: Cyber Espionage with Living-Off-the-Land Techniques WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

RedCurl APT Group: Cyber Espionage with Living-Off-the-Land Techniques

Do Son January 12, 2025

The RedCurl Advanced Persistent Threat (APT) group, also known as Earth Kapre or Red Wolf, has resurfaced...

GroupGreeting E-Card Platform Compromised in “zqxq” Campaign GroupGreeting e-card - “zqxq” campaign

GroupGreeting E-Card Platform Compromised in “zqxq” Campaign

Do Son January 11, 2025

The popular e-card platform GroupGreeting.com, used by major companies such as Airbnb, Coca-Cola, and eBay, recently fell...

Cracked Software: A Gateway to Malware and Data Theft ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Cracked Software: A Gateway to Malware and Data Theft

Do Son January 10, 2025

Trend Micro’s latest analysis sheds light on the growing menace of fake software installers and cracked applications,...

Stealthy Malware Hides in WordPress Database, Steals Payment Data Credit Card Skimmer

Stealthy Malware Hides in WordPress Database, Steals Payment Data

Do Son January 9, 2025

A new breed of credit card skimming malware has been discovered, targeting WordPress checkout pages with alarming...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Fake LDAPNightmare PoC Exploit Conceals Information-Stealing Malware

Do Son January 9, 2025

Trend Micro researchers have uncovered a dangerous fake proof-of-concept (PoC) exploit masquerading as an exploit for CVE-2024-49113,...

Malicious npm Packages Target Solana Developers, Stealing Private Keys via Gmail XCharge C6 vulnerabilities EV charger security flaws GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

XCharge C6 vulnerabilities EV charger security flaws GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

Malicious npm Packages Target Solana Developers, Stealing Private Keys via Gmail

Do Son January 9, 2025

Socket’s threat research team has uncovered a concerning campaign involving malicious npm packages designed to exfiltrate Solana...

Unmasking Play Ransomware: Tactics, Techniques, and Mitigation Strategies Play Ransomware Tactics

Unmasking Play Ransomware: Tactics, Techniques, and Mitigation Strategies

Do Son January 9, 2025

Play ransomware, also known as Balloonfly or PlayCrypt, has emerged as a significant cyber threat since its...

Malware Alert: Banshee Stealer Targets macOS Users macOS malware 2024 XCSSET

Malware Alert: Banshee Stealer Targets macOS Users

Do Son January 9, 2025

Cybersecurity researchers at Check Point Research (CPR) have identified a new and sophisticated version of the Banshee...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day Alert: UNC5337 Exploits Ivanti VPN Vulnerability CVE-2025-0282 for Espionage Operations

Do Son January 8, 2025

Ivanti Connect Secure (ICS) VPN appliances have become the focus of advanced threat actors, exploiting a newly...

“Gayfemboy” Botnet Leveraging 0-Day Exploit in Four-Faith Industrial Routers Gayfemboy botnet

“Gayfemboy” Botnet Leveraging 0-Day Exploit in Four-Faith Industrial Routers

Do Son January 7, 2025

XLab has released a report on the Gayfemboy botnet, a rapidly evolving threat leveraging a 0-day vulnerability...

Thousands of SonicWall Devices Remain Vulnerable to CVE-2024-40766 PyPI Packages Leak

Thousands of SonicWall Devices Remain Vulnerable to CVE-2024-40766

Do Son January 6, 2025

In September 2024, a critical vulnerability in SonicWall NSA devices, tracked as CVE-2024-40766, was disclosed. Since then,...

EAGERBEE: Advanced Backdoor Targets Middle Eastern ISPs and Government Entities EAGERBEE backdoor

EAGERBEE: Advanced Backdoor Targets Middle Eastern ISPs and Government Entities

Do Son January 6, 2025

Kaspersky Labs has uncovered a sophisticated cyberespionage campaign deploying the EAGERBEE backdoor to infiltrate internet service providers...

NonEuclid RAT—A Sophisticated Tool in the Cybercrime Arsenal Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

NonEuclid RAT—A Sophisticated Tool in the Cybercrime Arsenal

Do Son January 5, 2025

The NonEuclid Remote Access Trojan (RAT), detailed in a report by CYFIRMA, represents a significant evolution in...

CryptBot Infostealer Returns with Sophisticated Tactics for Initial Access PHP RCE vulnerability

CryptBot Infostealer Returns with Sophisticated Tactics for Initial Access

Do Son January 5, 2025

CryptBot, an information-stealing malware first detected in 2019, has resurfaced with advanced tactics to target unsuspecting victims....

Malicious Packages Weaponize OAST for Stealthy Data Exfiltration and Reconnaissance GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Malicious Packages Weaponize OAST for Stealthy Data Exfiltration and Reconnaissance

Do Son January 5, 2025

Researchers at Socket have uncovered a series of malicious campaigns exploiting Out-of-Band Application Security Testing (OAST) techniques....