Malware Archives • Page 68 of 129 • Daily CyberSecurity

Elpaco Ransomware: A New Threat Actor Leverages CVE-2020-1472 for Global Attacks NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Elpaco Ransomware: A New Threat Actor Leverages CVE-2020-1472 for Global Attacks

Do Son November 27, 2024

Kaspersky Labs has unveiled a sophisticated new ransomware variant named Elpaco, which has emerged as an evolution...

ANEL Backdoor Reactivated in Earth Kasha Cyber-Espionage Campaign

Do Son November 27, 2024

In June 2024, Trend Micro identified a new spear-phishing campaign targeting political organizations, research institutions, and think...

XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices

Do Son November 27, 2024

NSFOCUS has identified a resurgence of the XorBot botnet, a potent threat to Internet of Things (IoT)...

Year-Long Supply Chain Attack: Malicious NPM Package Compromises Cryptocurrency Wallets NPM Supply Chain

Year-Long Supply Chain Attack: Malicious NPM Package Compromises Cryptocurrency Wallets

Do Son November 27, 2024

The Checkmarx Security Research Team has uncovered a year-long supply chain attack involving the malicious NPM package...

SMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware Campaigns

Do Son November 27, 2024

A comprehensive analysis by TRAC Labs has shed light on the SMOKEDHAM backdoor, a malicious tool leveraged...

ESET Unveils “Bootkitty”: The First UEFI Bootkit Targeting Linux Systems UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

ESET Unveils “Bootkitty”: The First UEFI Bootkit Targeting Linux Systems

Do Son November 27, 2024

ESET researchers have unveiled Bootkitty, the first UEFI bootkit designed to target Linux systems, marking a new...

Privacy and Financial Security at Risk: McAfee Labs Warns of SpyLoan Applications

Do Son November 26, 2024

McAfee Labs has unveiled alarming findings about the surge in SpyLoan applications, a category of predatory loan...

CVE-2024-21887 and More: How Earth Estries APT Group Exploits VPNs & Servers

Do Son November 26, 2024

In a detailed report from Trend Micro, the Chinese advanced persistent threat (APT) group Earth Estries, also...

CyberVolk: The Hacktivist Collective Blurring Lines Between Activism, Ransomware, and Geopolitics

Do Son November 26, 2024

The pro-Russian hacktivist collective CyberVolk, also known as GLORIAMIST, has emerged as a significant threat in a...

Cybersecurity Alert: MUT-8694 Supply Chain Attack Targets npm and PyPI Ecosystems MUT-8694 threat actor

Cybersecurity Alert: MUT-8694 Supply Chain Attack Targets npm and PyPI Ecosystems

Do Son November 26, 2024

The open-source ecosystem has once again become the battleground for cybercriminals, as Datadog’s Security Research team uncovered...

Lazarus Group Exploits xattr with “RustyAttr” to Evade Detection

Do Son November 25, 2024

The Lazarus Group, a notorious North Korean cyber espionage collective, has added another stealthy technique to its...

Malicious npm Packages Exploiting Typosquatting to Inject SSH Backdoors

Do Son November 25, 2024

The developer community should be vigilant by the discovery of six malicious npm packages masquerading as popular...

Russia-Linked TAG-110 Launches Cyberespionage Campaign Across Asia and Europe

Do Son November 24, 2024

Insikt Group, the threat research division of Recorded Future, has uncovered a cyberespionage campaign attributed to TAG-110,...

WolfsBane: Gelsemium APT Group’s Linux Backdoor Debut Gelsemium APT group - WolfsBane

WolfsBane: Gelsemium APT Group’s Linux Backdoor Debut

Do Son November 24, 2024

ESET researchers have unveiled WolfsBane, the Linux counterpart to the Windows-based Gelsevirine backdoor, marking a significant milestone...

Asyncshell: The Evolution of APT-K-47’s Cyber Arsenal

Do Son November 24, 2024

The Knownsec 404 Advanced Threat Intelligence team has uncovered a sophisticated and evolving threat from the APT-K-47...

PROSPERO & Proton66: Unmasking the Bulletproof Hosting Connection bulletproof networks - PROSPERO and Proton66

PROSPERO & Proton66: Unmasking the Bulletproof Hosting Connection

Do Son November 24, 2024

In a comprehensive report by Intrinsec, the cybersecurity community is presented with detailed insights into the connection...

Python NodeStealer Evolution: Targeting Facebook Ads Manager and Credit Cards WordPress Backdoor

Python NodeStealer Evolution: Targeting Facebook Ads Manager and Credit Cards

Do Son November 23, 2024

The ever-evolving Python NodeStealer has resurfaced with advanced techniques and a broader target range, as detailed in...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Malicious Update in Python Crypto Library Targets Private Keys via Telegram

Do Son November 23, 2024

The Phylum Research Team has uncovered a malicious update to the PyPI package aiocpa, a crypto library...

Ignoble Scorpius Strikes Again: The Rise of BlackSuit Ransomware

Do Son November 22, 2024

The cybercrime group known as Ignoble Scorpius has resurfaced with the BlackSuit ransomware, as detailed in a...

Weaponized Defenses: Malicious Campaign Hijacks Legitimate Security Drivers Hijack Security Drivers

Weaponized Defenses: Malicious Campaign Hijacks Legitimate Security Drivers

Do Son November 21, 2024

The Trellix Advanced Research Center has uncovered a malicious campaign that turns trusted security tools against their...