Malware Archives • Page 70 of 131 • Daily CyberSecurity

CVE-2024-11667: Critical Vulnerability in Zyxel Firewalls Actively Exploited

Do Son November 28, 2024

CERT Germany (CERT-Bund) and Zyxel have warned of actively exploiting a critical vulnerability in Zyxel firewalls. This...

Evasive Malware Campaign Leverages CleverSoar Installer & Nidhogg Rootkit CleverSoar Attack

Evasive Malware Campaign Leverages CleverSoar Installer & Nidhogg Rootkit

Do Son November 28, 2024

Rapid7 Labs has uncovered a sophisticated malware campaign employing the newly identified CleverSoar installer, a highly evasive...

Malicious npm Packages Threaten Crypto Developers: Keylogging and Wallet Theft Revealed

Do Son November 28, 2024

Researchers at Socket have uncovered a malicious campaign targeting crypto developers. The attacker, operating under the pseudonym...

Godot Engine Compromised: Malware Distributed via GodLoader mal

Godot Engine Compromised: Malware Distributed via GodLoader

Do Son November 28, 2024

Check Point Research has identified the misuse of the Godot game engine—a popular, open-source tool for game...

Credit Card Skimmer Malware Uncovered: Targeting Magento Checkout Pages XCharge C6 vulnerabilities EV charger security flaws GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

XCharge C6 vulnerabilities EV charger security flaws GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

Credit Card Skimmer Malware Uncovered: Targeting Magento Checkout Pages

Do Son November 28, 2024

Magento, a leading eCommerce platform, has once again become the target of sophisticated cybercriminal tactics. Security Analyst...

PixPirate Resurfaces: Spreading via WhatsApp and Expanding Beyond Brazil PixPirate malware WhatsApp

PixPirate Resurfaces: Spreading via WhatsApp and Expanding Beyond Brazil

Do Son November 27, 2024

A new iteration of the PixPirate malware has been detected by IBM Trusteer researchers, marking the resurgence...

35 Million Devices Vulnerable: Matrix DDoS Campaign Highlights Growing IoT Threat

Do Son November 27, 2024

Aqua Nautilus researchers have uncovered a major Distributed Denial-of-Service (DDoS) campaign led by a threat actor operating...

Elpaco Ransomware: A New Threat Actor Leverages CVE-2020-1472 for Global Attacks NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Elpaco Ransomware: A New Threat Actor Leverages CVE-2020-1472 for Global Attacks

Do Son November 27, 2024

Kaspersky Labs has unveiled a sophisticated new ransomware variant named Elpaco, which has emerged as an evolution...

ANEL Backdoor Reactivated in Earth Kasha Cyber-Espionage Campaign

Do Son November 27, 2024

In June 2024, Trend Micro identified a new spear-phishing campaign targeting political organizations, research institutions, and think...

XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices

Do Son November 27, 2024

NSFOCUS has identified a resurgence of the XorBot botnet, a potent threat to Internet of Things (IoT)...

Year-Long Supply Chain Attack: Malicious NPM Package Compromises Cryptocurrency Wallets NPM Supply Chain

Year-Long Supply Chain Attack: Malicious NPM Package Compromises Cryptocurrency Wallets

Do Son November 27, 2024

The Checkmarx Security Research Team has uncovered a year-long supply chain attack involving the malicious NPM package...

SMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware Campaigns

Do Son November 27, 2024

A comprehensive analysis by TRAC Labs has shed light on the SMOKEDHAM backdoor, a malicious tool leveraged...

ESET Unveils “Bootkitty”: The First UEFI Bootkit Targeting Linux Systems vulnerable UEFI shim bootloaders, Secure Boot bypass UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

vulnerable UEFI shim bootloaders, Secure Boot bypass UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

ESET Unveils “Bootkitty”: The First UEFI Bootkit Targeting Linux Systems

Do Son November 27, 2024

ESET researchers have unveiled Bootkitty, the first UEFI bootkit designed to target Linux systems, marking a new...

Privacy and Financial Security at Risk: McAfee Labs Warns of SpyLoan Applications

Do Son November 26, 2024

McAfee Labs has unveiled alarming findings about the surge in SpyLoan applications, a category of predatory loan...

CVE-2024-21887 and More: How Earth Estries APT Group Exploits VPNs & Servers

Do Son November 26, 2024

In a detailed report from Trend Micro, the Chinese advanced persistent threat (APT) group Earth Estries, also...

CyberVolk: The Hacktivist Collective Blurring Lines Between Activism, Ransomware, and Geopolitics

Do Son November 26, 2024

The pro-Russian hacktivist collective CyberVolk, also known as GLORIAMIST, has emerged as a significant threat in a...

Cybersecurity Alert: MUT-8694 Supply Chain Attack Targets npm and PyPI Ecosystems MUT-8694 threat actor

Cybersecurity Alert: MUT-8694 Supply Chain Attack Targets npm and PyPI Ecosystems

Do Son November 26, 2024

The open-source ecosystem has once again become the battleground for cybercriminals, as Datadog’s Security Research team uncovered...

Lazarus Group Exploits xattr with “RustyAttr” to Evade Detection

Do Son November 25, 2024

The Lazarus Group, a notorious North Korean cyber espionage collective, has added another stealthy technique to its...

Malicious npm Packages Exploiting Typosquatting to Inject SSH Backdoors

Do Son November 25, 2024

The developer community should be vigilant by the discovery of six malicious npm packages masquerading as popular...

Russia-Linked TAG-110 Launches Cyberespionage Campaign Across Asia and Europe

Do Son November 24, 2024

Insikt Group, the threat research division of Recorded Future, has uncovered a cyberespionage campaign attributed to TAG-110,...