AsyncRAT Archives • Daily CyberSecurity

The Malware That Chats Back: Inside G DATA’s Real-Time Notepad Encounter with the “Kiss Loader” Author Kiss Loader Early Bird APC Injection

The Malware That Chats Back: Inside G DATA’s Real-Time Notepad Encounter with the “Kiss Loader” Author

Do Son March 31, 2026

While analyzing a new piece of malware dubbed “Kiss Loader,” G DATA Security Center found themselves in...

“TryCloudflare” Abuse: AsyncRAT Exploits Free Tunnels to Build Stealthy WebDAV Network AsyncRAT Malware Cloudflare Tunnel Abuse

“TryCloudflare” Abuse: AsyncRAT Exploits Free Tunnels to Build Stealthy WebDAV Network

Do Son January 13, 2026

A sophisticated campaign distributing the AsyncRAT Remote Access Trojan is turning a trusted internet service into a...

The ClickFix Trap: PHALT#BLYX Targets Hotels with Fake Blue Screens and DCRat PHALT#BLYX hospitality campaign, ClickFix BSOD malware

The ClickFix Trap: PHALT#BLYX Targets Hotels with Fake Blue Screens and DCRat

Do Son January 7, 2026

A sophisticated new cyber-espionage campaign is targeting the hospitality industry, turning everyday booking management into a nightmare...

SVG Smuggling: Fake Colombian Judicial Lure Deploys AsyncRAT via Malicious HTA File SVG Smuggling, AsyncRAT

SVG Smuggling: Fake Colombian Judicial Lure Deploys AsyncRAT via Malicious HTA File

Do Son October 14, 2025

Seqrite Threat Research Labs has uncovered a targeted phishing campaign in Spanish designed to trick Colombian users...

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs ConnectWise ScreenConnect, RMM tool abuse

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs

Do Son September 23, 2025

A new report from Hunt Intelligence reveals how attackers are abusing ConnectWise ScreenConnect (formerly ConnectWise Control) to...

Acronis TRU Uncovers Surge in ScreenConnect Abuse with Dual-RAT Deployment Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Acronis TRU Uncovers Surge in ScreenConnect Abuse with Dual-RAT Deployment

Do Son September 5, 2025

The Acronis Threat Research Unit (TRU) has released new findings on an evolving cyber campaign that abuses...

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories GitHub MaaS, Emmenhtal Loader

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories

Do Son July 18, 2025

Cisco Talos has uncovered a multi-pronged Malware-as-a-Service (MaaS) operation exploiting public GitHub repositories to distribute a wide...

Blind Eagle (APT-C-36): Financially Motivated Cybercrime Meets Open-Access Infrastructure in LATAM

Do Son June 30, 2025

Trustwave SpiderLabs has uncovered new insights into the operations of Blind Eagle (APT-C-36), a Latin America-focused threat...

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign! Shadow Vector, RAT Malware

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign!

Do Son June 23, 2025

The Acronis Threat Research Unit (TRU) has uncovered a stealthy and technically mature malware campaign dubbed Shadow...

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery

Do Son June 20, 2025

A newly uncovered malicious campaign, dubbed SERPENTINE#CLOUD, leverages Cloudflare Tunnel subdomains to deliver payloads via phishing email...

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload

Do Son June 17, 2025

In a recent investigation, threat intelligence firm CloudSEK uncovered a stealthy, fileless malware campaign leveraging social engineering...

Obscure VBScript “sostener.vbs” Unmasked: Fuels Multi-Stage RAT Delivery, Linked to Blind Eagle APT

Do Son June 16, 2025

In a deeply revealing investigation, Censys researchers have uncovered a web of malicious infrastructure revolving around a...

Discord Invite System Hijacked: Expired Links Now Lead to Crypto-Stealing Malware

Do Son June 15, 2025

In the latest expose from Check Point Research, Discord’s once-trusted invite system has been turned against its...

Unveiling a Multi-Stage Malware Attack: Cloudflare Abuse and AsyncRAT Delivery Infection chains distributing AsyncRAT

Unveiling a Multi-Stage Malware Attack: Cloudflare Abuse and AsyncRAT Delivery

Do Son April 23, 2025

In a detailed report by the Sekoia Threat Detection & Research (TDR) team, researchers have unveiled a...

Steganographic Campaign Distributes Multiple Malware Variants, Including Remcos and AsyncRAT

Do Son March 19, 2025

A new report by Seqrite has uncovered an ongoing steganographic campaign that is being used to distribute...

Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware Booking Phishing Campaign

Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware

Do Son March 15, 2025

A sophisticated phishing campaign impersonating Booking.com is targeting organizations in the hospitality industry, using a novel social...

Blind Eagle’s Rapid Adaptation: New Tactics Deployed Days After Patch RDP Botnet, Coordinated Scanning CVE-2024-21888 & CVE-2024-21893

Blind Eagle’s Rapid Adaptation: New Tactics Deployed Days After Patch

Do Son March 12, 2025

A new wave of cyberattacks linked to the Blind Eagle (APT-C-36) group has been uncovered by Check...

GitVenom Campaign: Malicious GitHub Repositories Target Crypto and Credentials

Do Son February 24, 2025

Security researchers at Kaspersky Labs have uncovered a large-scale cybercrime campaign, dubbed GitVenom, that targets GitHub users...

Security Alert: AsyncRAT Malware Evades Detection with Null-AMSI

Do Son February 23, 2025

A new malware campaign uncovered by Cyble Research and Intelligence Labs (CRIL) is leveraging Null-AMSI to bypass...

AsyncRAT Rises Again: Malware Abuses Legitimate Services for Stealthy Delivery AsyncRAT Delivery

AsyncRAT Rises Again: Malware Abuses Legitimate Services for Stealthy Delivery

Do Son February 7, 2025

Forcepoint X-Labs exposes a new campaign utilizing Python, TryCloudflare, and Dropbox to spread the notorious AsyncRAT. The...

Critical Alert 1 Active Exploit Detected Today