Fileless Malware Archives • Page 2 of 3 • Daily CyberSecurity

Foxveil: New Malware Loader Hides in Plain Sight Using Cloudflare and Discord Foxveil Malware

Foxveil: New Malware Loader Hides in Plain Sight Using Cloudflare and Discord

Ddos February 17, 2026

A new and elusive malware loader has been discovered prowling the legitimate infrastructure of the web, abusing...

The “Windows + R” Trap: ClickFix Scam Tricks Users into Installing StealC Malware StealC Malware ClickFix Campaign

The “Windows + R” Trap: ClickFix Scam Tricks Users into Installing StealC Malware

Ddos February 16, 2026

A new report from LevelBlue dissects a sophisticated multi-stage malware campaign that turns a routine security check...

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT XWorm RAT Excel Phishing

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT

Ddos February 12, 2026

A new phishing campaign is exploiting an old vulnerability, using malicious Excel files to deploy the potent...

Sleeping with the Enemy: Dormant Backdoors Found in Ivanti EPMM GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

Sleeping with the Enemy: Dormant Backdoors Found in Ivanti EPMM

Ddos February 11, 2026

A stealthy new cyber espionage campaign is targeting Ivanti Endpoint Manager Mobile (EPMM), but unlike typical ransomware...

Hidden in Plain Sight: TA584 Deploys “Tsundere Bot” & Invisible Registry Keys TA584 Tsundere Bot Invisible Registry Persistence

Hidden in Plain Sight: TA584 Deploys “Tsundere Bot” & Invisible Registry Keys

Ddos February 2, 2026

TA584, a sophisticated Initial Access Broker (IAB) known for paving the way for ransomware gangs, has dramatically...

Stealth in Script: “PeckBirdy” Framework Powers New Wave of China-Aligned Attacks CVE-2024-22394

Stealth in Script: “PeckBirdy” Framework Powers New Wave of China-Aligned Attacks

Ddos January 27, 2026

A sophisticated new cyberweapon has been spotted in the arsenals of China-aligned Advanced Persistent Threat (APT) groups,...

Hidden in Plain Site: PURELOGS Stealer Hides Malware in Archive.org Images PURELOGS Stealer Archive.org Phishing

Hidden in Plain Site: PURELOGS Stealer Hides Malware in Archive.org Images

Ddos January 21, 2026

A seemingly innocuous pharmaceutical invoice in your inbox could be the first step in a sophisticated four-stage...

Invisible Intruder: Fileless Remcos RAT Hides in Shipping Emails Fileless Remcos RAT Phishing Campaign

Invisible Intruder: Fileless Remcos RAT Hides in Shipping Emails

Ddos January 19, 2026

A sophisticated new phishing campaign has been detected in the wild, leveraging a fileless variant of the...

SHADOW#REACTOR Malware Builds Remcos RAT via Text Files TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

SHADOW#REACTOR Malware Builds Remcos RAT via Text Files

Ddos January 15, 2026

Security researchers have uncovered a sophisticated new malware framework that is slipping past enterprise defenses by hiding...

Transparent Tribe Weaponizes “JLPT” Tests in New Cyber-Espionage Campaign Against India Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Transparent Tribe Weaponizes “JLPT” Tests in New Cyber-Espionage Campaign Against India

Ddos January 5, 2026

A seemingly harmless notification about a Japanese language proficiency exam has become the latest vector for state-aligned...

Caminho Loader-as-a-Service Uses LSB Steganography to Hide .NET Payloads in Archive.org Images Caminho LSB Steganography, Loader-as-a-Service 2023 Threat Report

Caminho LSB Steganography, Loader-as-a-Service 2023 Threat Report

Caminho Loader-as-a-Service Uses LSB Steganography to Hide .NET Payloads in Archive.org Images

Ddos October 28, 2025

Arctic Wolf Labs has uncovered a sophisticated Loader-as-a-Service (LaaS) operation dubbed “Caminho” — a Brazilian-origin malware loader...

Maverick Fileless Trojan Turns Infected Phones into WhatsApp Worms to Steal Banking and UPI Credentials

Ddos October 17, 2025

Researchers from Kaspersky’s Global Research and Analysis Team (GReAT) have uncovered a massive fileless malware campaign targeting...

Phantom Taurus: New Chinese APT Emerges with Fileless NET-STAR Backdoor Targeting Global Governments and Telecoms

Ddos October 1, 2025

Researchers from Unit 42 have uncovered a previously undocumented Chinese state-aligned threat actor, dubbed Phantom Taurus, whose...

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military

Ddos September 12, 2025

Bitdefender Threat researchers have detailed a new and highly sophisticated fileless malware framework named EggStreme, used by...

A New Linux Malware Hides in Plain Sight by Weaponizing File Names Linux-filenames

A New Linux Malware Hides in Plain Sight by Weaponizing File Names

Ddos August 25, 2025

Linux has long been considered a fortress of security—a preferred platform for developers, system administrators, and security...

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage NightEagle APT, Exchange Zero-Day

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage

Ddos July 7, 2025

QiAnXin’s RedDrip team has exposed the full-scale cyber operations of a shadowy state-aligned APT group dubbed NightEagle...

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry

Ddos June 21, 2025

Hackers have once again employed rarely used yet remarkably effective techniques to compromise systems—this time by disguising...

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload

Ddos June 17, 2025

In a recent investigation, threat intelligence firm CloudSEK uncovered a stealthy, fileless malware campaign leveraging social engineering...

North Korean APT37’s “ToyBox Story”: Stealthy Attacks Unveiled APT37, RoKRAT

North Korean APT37’s “ToyBox Story”: Stealthy Attacks Unveiled

Ddos May 13, 2025

In a recent expose by Genians Security Center (GSC), North Korean-linked APT group APT37 has once again...

Seqrite Labs Uncovers New Cronus Ransomware Campaign Utilizing Fake PayPal Documents

Ddos August 11, 2024

In a recent report, the Seqrite Labs APT-Team has exposed a series of malicious campaigns employing fake...