Malware Archives • Page 68 of 131 • Daily CyberSecurity

Abusing Microsoft’s UI Automation Framework: The New Evasion Technique Bypassing EDR DPRK IT Workers, APT38 Crypto Forfeiture

Abusing Microsoft’s UI Automation Framework: The New Evasion Technique Bypassing EDR

Do Son December 13, 2024

Akamai security researcher Tomer Peled has unveiled a novel attack technique exploiting Microsoft’s legacy UI Automation framework,...

Gamaredon APT Deploys Two Russian Android Spyware Families: BoneSpy and PlainGnome RedLineCyber Clipboard Hijacker TangleCrypt Packer, STONESTOP EDR Killer Gamaredon APT - BoneSpy and PlainGnome

RedLineCyber Clipboard Hijacker TangleCrypt Packer, STONESTOP EDR Killer Gamaredon APT - BoneSpy and PlainGnome

Gamaredon APT Deploys Two Russian Android Spyware Families: BoneSpy and PlainGnome

Do Son December 12, 2024

Researchers at the Lookout Threat Lab have uncovered two sophisticated Android spyware families, BoneSpy and PlainGnome, attributed...

High-Profile Organizations in Southeast Asia Hit by Targeted Cyberattacks Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

High-Profile Organizations in Southeast Asia Hit by Targeted Cyberattacks

Do Son December 12, 2024

The Symantec Threat Hunter Team has uncovered a sophisticated cyber campaign targeting high-profile organizations in Southeast Asia....

Modular Java Backdoor Emerges in Cleo Exploitation Campaign (CVE-2024-50623) TEMPEST attacks

Modular Java Backdoor Emerges in Cleo Exploitation Campaign (CVE-2024-50623)

Do Son December 12, 2024

Rapid7 Labs and its Managed Detection and Response (MDR) team uncovered a sophisticated modular Java-based Remote Access...

APT-C-60 Exploits Legitimate Services in Sophisticated Malware Attack Targeting Japanese Organizations

Do Son December 12, 2024

In August 2024, JPCERT/CC confirmed a targeted attack against a Japanese organization, believed to be the work...

EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool Honeywell CCTV Vulnerability CVE-2026-1670 EagleMsgSpy Spyware Tool ResidentBat Spyware, Belarusian KGB Surveillance

Honeywell CCTV Vulnerability CVE-2026-1670 EagleMsgSpy Spyware Tool ResidentBat Spyware, Belarusian KGB Surveillance

EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool

Do Son December 12, 2024

Researchers at the Lookout Threat Lab have identified a sophisticated surveillance tool, dubbed EagleMsgSpy, reportedly used by...

Zloader Trojan Employs Novel DNS Tunneling Protocol for Enhanced Evasion Chinese espionage groups APT35 Phishing, Stormshield CTI

Zloader Trojan Employs Novel DNS Tunneling Protocol for Enhanced Evasion

Do Son December 11, 2024

Zloader, the modular Trojan with roots in the infamous Zeus malware, has once again evolved, presenting a...

Malicious npm Package Mimics ESLint Plugin, Steals Sensitive Data Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Malicious npm Package Mimics ESLint Plugin, Steals Sensitive Data

Do Son December 11, 2024

A recent report by the Socket Research Team uncovers a sophisticated typosquatting attack targeting developers using the...

Android Users Targeted: AppLite Trojan Disguised as Popular Apps tech-threat

Android Users Targeted: AppLite Trojan Disguised as Popular Apps

Do Son December 11, 2024

zLabs has uncovered AppLite, a sophisticated new variant of the AntiDot banking trojan, targeting Android devices through...

Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Do Son December 11, 2024

In a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to...

UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base UAC-0185 - MESHAGENT RAT

UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base

Do Son December 10, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued a security advisory (CERT-UA#12414) detailing a sophisticated...

MoqHao Malware Targets Apple IDs and Android Devices Using iCloud and VK Platforms

Do Son December 10, 2024

A new campaign by the Roaming Mantis-affiliated MoqHao malware family, also known as Wroba and XLoader, has...

SpyNote RAT Targets High-Value Individuals in Southern Asia EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

SpyNote RAT Targets High-Value Individuals in Southern Asia

Do Son December 9, 2024

Cybersecurity researchers at CYFIRMA have uncovered a sophisticated cyberattack targeting high-value individuals in Southern Asia. Leveraging the...

Meeten Malware: AI-Powered Cyber Campaign Targets Web3 Professionals ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Meeten Malware: AI-Powered Cyber Campaign Targets Web3 Professionals

Do Son December 9, 2024

Cado Security Labs has uncovered a highly sophisticated cyber campaign targeting professionals in the Web3 space. At...

Activation Context Hijacking: “Eclipse” PoC Weaponizes Trusted Processes

Do Son December 8, 2024

Kurosh Dabbagh Escalante, a Red Team Operator at BlackArrow, has introduced Eclipse, a proof-of-concept (PoC) tool designed...

Mauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604)

Do Son December 8, 2024

The AhnLab Security Intelligence Response Center (ASEC) has revealed that threat actors exploiting a critical vulnerability in...

The Rise of Mac Malware: 2024 Threat Report Reveals Alarming Trends macOS malware 2024 XCSSET

The Rise of Mac Malware: 2024 Threat Report Reveals Alarming Trends

Do Son December 8, 2024

For years, macOS enjoyed a reputation as a secure platform, relatively untouched by malware. However, a 60%...

Ultralytics AI Library Hit by Supply Chain Attack: 60 Million Downloads Compromised Ultralytics Supply Chain Attack

Ultralytics AI Library Hit by Supply Chain Attack: 60 Million Downloads Compromised

Do Son December 8, 2024

Cybersecurity researchers at ReversingLabs have detailed a supply chain attack on the popular AI library, Ultralytics, which...

BlueAlpha Exploits Cloudflare Tunnels for GammaDrop Malware Infrastructure UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

BlueAlpha Exploits Cloudflare Tunnels for GammaDrop Malware Infrastructure

Do Son December 7, 2024

The Insikt Group has uncovered a sophisticated cyber-espionage operation conducted by BlueAlpha, a state-sponsored threat actor with...

FSB-Tampered Device Returned with Monokle-Type Spyware, Experts Reveal Monokle spyware

FSB-Tampered Device Returned with Monokle-Type Spyware, Experts Reveal

Do Son December 7, 2024

A joint investigation by the First Department and cybersecurity researchers has exposed the covert implantation of spyware...