DLL Sideloading Archives • Page 3 of 4 • Daily CyberSecurity

New Rust Backdoor ChaosBot Uses Discord as Covert C2 Channel to Target Financial Services ChaosBot Discord C2, Rust Backdoor

New Rust Backdoor ChaosBot Uses Discord as Covert C2 Channel to Target Financial Services

Do Son October 13, 2025

The eSentire Threat Response Unit (TRU) identified a new Rust-based backdoor—dubbed ChaosBot—deployed inside a financial services organization’s...

APT Meets GPT: China-Aligned UTA0388 Used ChatGPT for Automated, Multilingual Spear-Phishing Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

APT Meets GPT: China-Aligned UTA0388 Used ChatGPT for Automated, Multilingual Spear-Phishing

Do Son October 9, 2025

Volexity has uncovered a sophisticated cyber-espionage operation in which a China-aligned threat actor, tracked as UTA0388, weaponized...

Mustang Panda APT Uses Hidden DLL and EnumFontsW to Launch Stealthy Tibet-Themed Campaign axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Mustang Panda APT Uses Hidden DLL and EnumFontsW to Launch Stealthy Tibet-Themed Campaign

Do Son October 8, 2025

A new phishing campaign analyzed by malware researcher 0x0d4y has uncovered fresh insights into Mustang Panda’s evolving...

Chinese APT Launches Spearphishing Campaign, Using Fake Cloudflare Lure to Deliver PlugX Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Chinese APT Launches Spearphishing Campaign, Using Fake Cloudflare Lure to Deliver PlugX Malware

Do Son October 7, 2025

A new report from StrikeReady Labs has revealed a sophisticated spear-phishing campaign targeting European governmental and aviation...

Confucius APT Evolves: Espionage Group Shifts from WooperStealer to Advanced Python Backdoor AnonDoor Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Confucius APT Evolves: Espionage Group Shifts from WooperStealer to Advanced Python Backdoor AnonDoor

Do Son October 3, 2025

The Confucius group, a long-running cyber-espionage actor first identified in 2013, has resurfaced with a new wave...

Russian-Speaking Lunar Spider Group Launches New Ransomware Wave with Latrodectus V2 Loader Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Russian-Speaking Lunar Spider Group Launches New Ransomware Wave with Latrodectus V2 Loader

Do Son October 2, 2025

The NVISO Cyber Security Incident Response Team (CSIRT) has released new findings exposing the latest campaign by...

Patchwork APT Resurfaces: Stealthy Espionage Campaign Exploits DLL Sideloading and Layered Obfuscation Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Patchwork APT Resurfaces: Stealthy Espionage Campaign Exploits DLL Sideloading and Layered Obfuscation

Do Son October 1, 2025

The Patchwork APT group—also known as Dropping Elephant, Monsoon, and Hangover Group—has resurfaced with a new campaign...

From Infostealer to Full RAT: Huntress Uncovers a Multi-Stage Malware Attack Deploying PureRAT AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

From Infostealer to Full RAT: Huntress Uncovers a Multi-Stage Malware Attack Deploying PureRAT

Do Son September 29, 2025

Huntress has published a detailed investigation into a recent intrusion campaign that began as a Python-based infostealer...

Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense

Do Son September 23, 2025

A new study from Catalyst has exposed a sophisticated cyber espionage campaign conducted by Subtle Snail (UNC1549),...

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military

Do Son September 12, 2025

Bitdefender Threat researchers have detailed a new and highly sophisticated fileless malware framework named EggStreme, used by...

Cephalus: The New Ransomware That Abuses Legitimate Tools to Bypass Security

Do Son August 27, 2025

Recently, threat hunters at Huntress observed two separate incidents involving a new ransomware variant dubbed Cephalus. The...

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation Supply chain attack

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation

Do Son August 21, 2025

Zscaler’s ThreatLabz team has issued a warning after uncovering a malicious Python package on the Python Package...

Charon Ransomware Emerges: APT-Style Precision Meets Destructive Encryption Charon Ransomware, APT Tactics

Charon Ransomware Emerges: APT-Style Precision Meets Destructive Encryption

Do Son August 13, 2025

Trend Research has identified a new ransomware family named Charon, targeting the Middle East’s public sector and...

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military

Do Son August 6, 2025

A new threat analysis by Kyaw Pyiyt Htet, a CREST-certified Threat Intelligence Analyst, has revealed the inner...

New PXA Stealer Campaign Hits 62 Countries with Stealthy DLL Sideloading and Telegram Exfiltration PXA Stealer, Infostealer

New PXA Stealer Campaign Hits 62 Countries with Stealthy DLL Sideloading and Telegram Exfiltration

Do Son August 5, 2025

A new report by SentinelLABS and Beazley Security unveils an expansive and rapidly evolving infostealer operation powered...

LockBit Ransomware Evolves: New Stealthy Tactics Use DLL Sideloading & Masquerading to Bypass Defenses LockBit Ransomware, DLL Sideloading

LockBit Ransomware Evolves: New Stealthy Tactics Use DLL Sideloading & Masquerading to Bypass Defenses

Do Son August 1, 2025

LockBit isn’t just another ransomware group—it’s an evolving threat that continues to adapt its tactics to evade...

GOLD BLADE Unleashes RedLoader with Novel Attack Chain: LNK Files + WebDAV + DLL Sideloading Evades Detection RedLoader, DLL Sideloading

GOLD BLADE Unleashes RedLoader with Novel Attack Chain: LNK Files + WebDAV + DLL Sideloading Evades Detection

Do Son July 31, 2025

Sophos analysts have uncovered a newly combined infection technique used by the GOLD BLADE cybercriminal group to...

Operation GhostChat & PhantomPrayers: China-Linked APTs Target Tibetan Community with Stealthy Spyware Cyber-espionage, Tibetan Community

Operation GhostChat & PhantomPrayers: China-Linked APTs Target Tibetan Community with Stealthy Spyware

Do Son July 25, 2025

In a coordinated investigation with TibCERT, Zscaler ThreatLabz has uncovered two state-sponsored cyber-espionage campaigns—Operation GhostChat and Operation...

Dropping Elephant Targets Türkiye’s Missile Industry with Stealthy Conference Lures & VLC DLL Sideloading Cyber-espionage, Dropping Elephant