Cybercrime

RevengeHotels Strikes Back: AI-Generated Phishing and a New RAT Target Hotels

• Cybercriminals

RevengeHotels Strikes Back: AI-Generated Phishing and a New RAT Target Hotels

Do Son September 17, 2025 0

The long-running cybercrime group RevengeHotels—also tracked as TA558—has resurfaced with a new campaign targeting hotels and the...

Read More Read more about RevengeHotels Strikes Back: AI-Generated Phishing and a New RAT Target Hotels

SmokeLoader Rises From the Ashes with New, Evasive Variants

• Malware

SmokeLoader Rises From the Ashes with New, Evasive Variants

Do Son September 17, 2025 0

First emerging in 2011, SmokeLoader (also known as Smoke or Dofoil) has remained one of the most...

Read More Read more about SmokeLoader Rises From the Ashes with New, Evasive Variants

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem

• Cybercriminals

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem

Do Son September 17, 2025 0

A recent forensic investigation by Check Point Research (CPR) has shed light on the Pure malware family,...

Read More Read more about PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem

AISURU Botnet: From Record-Breaking DDoS to Residential Proxy Empire

• Malware

AISURU Botnet: From Record-Breaking DDoS to Residential Proxy Empire

Do Son September 17, 2025 0

The AISURU botnet, first disclosed by XLab in 2024, has rapidly become one of the most dangerous...

Read More Read more about AISURU Botnet: From Record-Breaking DDoS to Residential Proxy Empire

Maranhão Stealer: A New Malware Hijacks Gamers’ PCs Through Pirated Games

• Malware

Maranhão Stealer: A New Malware Hijacks Gamers’ PCs Through Pirated Games

Do Son September 16, 2025 0

The Cyble Research and Intelligence Labs (CRIL) has uncovered an active campaign distributing a new information-stealing malware...

Read More Read more about Maranhão Stealer: A New Malware Hijacks Gamers’ PCs Through Pirated Games

Yurei: The New Ransomware Group Using Open-Source Code to Target Businesses

• Malware

Yurei: The New Ransomware Group Using Open-Source Code to Target Businesses

Do Son September 16, 2025 0

Recently, researchers at Check Point Research (CPR) identified a new ransomware group calling itself Yurei—a name inspired...

Read More Read more about Yurei: The New Ransomware Group Using Open-Source Code to Target Businesses

A Digital Trojan Horse: A New Campaign Is Using SEO to Deliver Malware

• Cybercriminals

A Digital Trojan Horse: A New Campaign Is Using SEO to Deliver Malware

Do Son September 16, 2025 0

Researchers at FortiGuard Labs have uncovered a sophisticated SEO poisoning campaign aimed at Chinese-speaking users. By manipulating...

Read More Read more about A Digital Trojan Horse: A New Campaign Is Using SEO to Deliver Malware

Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years

• Cybercriminals

Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years

Do Son September 15, 2025 0

Expel researchers have lifted the veil on a long-running malware operation abusing the global trust model of...

Read More Read more about Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years

China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm

• Cyber Security
• Malware

China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm

Do Son September 15, 2025 0

IBM X-Force has published new findings on Hive0154, a China-aligned threat actor also tracked under names such...

Read More Read more about China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm

EvilAI Malware Campaign Exploits Trust in AI Tools to Infiltrate Global Industries

• Malware

EvilAI Malware Campaign Exploits Trust in AI Tools to Infiltrate Global Industries

Do Son September 15, 2025 0

Trend Micro researchers have uncovered a sophisticated malware campaign dubbed EvilAI, which disguises itself as productivity and...

Read More Read more about EvilAI Malware Campaign Exploits Trust in AI Tools to Infiltrate Global Industries

Meet ZynorRAT: The New Cross-Platform Malware Controlled via Telegram

• Malware

Meet ZynorRAT: The New Cross-Platform Malware Controlled via Telegram

Do Son September 13, 2025 0

The Sysdig Threat Research Team (TRT) has discovered a new cross-platform Remote Access Trojan (RAT) dubbed ZynorRAT,...

Read More Read more about Meet ZynorRAT: The New Cross-Platform Malware Controlled via Telegram

BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads

• Malware

BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads

Do Son September 12, 2025 0

AhnLab researchers have published a technical analysis of BlackNevas, a ransomware group that has been steadily launching...

Read More Read more about BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

• Malware

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

Do Son September 12, 2025 0

Zscaler ThreatLabz has identified a sophisticated malware campaign active since early May 2025, targeting Chinese-speaking users with...

Read More Read more about kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible

• Malware

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible

Do Son September 11, 2025 0

AhnLab researchers have released an in-depth technical analysis of the CyberVolk ransomware, a strain that has been...

Read More Read more about CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible

KillSec Ransomware Strikes Brazilian Healthcare Provider, Exposing Patient Data

• Cybercriminals
• Data Leak

KillSec Ransomware Strikes Brazilian Healthcare Provider, Exposing Patient Data

Do Son September 11, 2025 0

Resecurity has reported that KillSec ransomware has targeted MedicSolution, a key healthcare software provider in Brazil, compromising...

Read More Read more about KillSec Ransomware Strikes Brazilian Healthcare Provider, Exposing Patient Data

RatOn: The New Android Trojan That Steals Crypto and Uses NFC Relay Attacks

• Malware

RatOn: The New Android Trojan That Steals Crypto and Uses NFC Relay Attacks

Do Son September 9, 2025 0

ThreatFabric has uncovered RatOn, a newly developed Android banking trojan that merges traditional overlay fraud with NFC...

Read More Read more about RatOn: The New Android Trojan That Steals Crypto and Uses NFC Relay Attacks

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets

• Malware

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets

Do Son September 9, 2025 0

CYFIRMA has released an in-depth analysis of Salat Stealer (also known as WEB_RAT), a sophisticated Go-based malware...

Read More Read more about Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets

Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials

• Malware

Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials

Do Son September 9, 2025 0

Socket’s Threat Research Team has uncovered a coordinated supply chain attack targeting the Ethereum ecosystem through four...

Read More Read more about Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials

50,000 Emails a Day: How a Cloud Flaw Is Fueling Phishing Campaigns

• Cybercriminals

50,000 Emails a Day: How a Cloud Flaw Is Fueling Phishing Campaigns

Do Son September 8, 2025 0

The Wiz Research team has revealed details of a May 2025 phishing campaign that weaponized Amazon Simple...

Read More Read more about 50,000 Emails a Day: How a Cloud Flaw Is Fueling Phishing Campaigns

SentinelLABS Reveals How North Korean “Contagious Interview” Operators Abuse Threat Intel Platforms

• Cybercriminals

SentinelLABS Reveals How North Korean “Contagious Interview” Operators Abuse Threat Intel Platforms

Do Son September 5, 2025 0

The SentinelLABS intelligence team, in collaboration with Validin, has published an in-depth analysis of North Korean-aligned actors...

Read More Read more about SentinelLABS Reveals How North Korean “Contagious Interview” Operators Abuse Threat Intel Platforms