Infostealer Archives • Page 6 of 8 • Daily CyberSecurity

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs npm Supply Chain Attack, North Korean APT

npm Supply Chain Attack, North Korean APT

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs

Do Son June 26, 2025

In a detailed expose, the Socket Threat Research Team has uncovered an ongoing and highly targeted supply...

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry

Do Son June 21, 2025

Hackers have once again employed rarely used yet remarkably effective techniques to compromise systems—this time by disguising...

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

Do Son June 20, 2025

According to a new report from Proofpoint, a previously known threat, ACR Stealer, has been reborn under...

Banana Squad Strikes Again: 60+ GitHub Repositories Trojanized in New Software Supply Chain Attack

Do Son June 20, 2025

A newly uncovered software supply chain campaign by the threat group Banana Squad has compromised more than...

Stargazers Ghost Network: Minecraft Mods Used to Distribute Multi-Stage Stealers via GitHub

Do Son June 20, 2025

A new report from Check Point Research exposes a sophisticated malware campaign that has weaponized the modding...

Elastic Uncovers Stealthy Campaign Using GHOSTPULSE and ARECHCLIENT2 Malware Fake captcha

Elastic Uncovers Stealthy Campaign Using GHOSTPULSE and ARECHCLIENT2 Malware

Do Son June 19, 2025

Elastic Security Labs has revealed a highly sophisticated multi-stage attack chain exploiting a social engineering method dubbed...

From Cheats to Compromise: Blitz Malware Exploits Gamers via Backdoored Standoff 2 Cheats Blitz infection chain

From Cheats to Compromise: Blitz Malware Exploits Gamers via Backdoored Standoff 2 Cheats

Do Son June 9, 2025

Unit 42, the threat intelligence arm of Palo Alto Networks, has uncovered a malware campaign involving Blitz,...

DuplexSpy RAT: New C# Malware Toolkit Emerges on GitHub RAT

DuplexSpy RAT: New C# Malware Toolkit Emerges on GitHub

Do Son June 9, 2025

CYFIRMA’s Threat Intelligence Team has published an in-depth analysis of DuplexSpy RAT, a powerful and modular remote...

FormBook Returns: Exploiting CVE-2017-0199 via Malicious Excel Attachments in New Phishing Campaign Demo for CVE-2017-0199

FormBook Returns: Exploiting CVE-2017-0199 via Malicious Excel Attachments in New Phishing Campaign

Do Son June 9, 2025

FortiGuard Labs has uncovered a renewed phishing campaign that leverages the eight-year-old CVE-2017-0199 vulnerability to deploy FormBook,...

AI Interface Hijacked: Open WebUI Exploited for Cryptominers and Stealthy AI Malware Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

AI Interface Hijacked: Open WebUI Exploited for Cryptominers and Stealthy AI Malware

Do Son June 4, 2025

The Sysdig Threat Research Team (TRT) has uncovered a malicious campaign exploiting a misconfigured Open WebUI instance—an...

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching PyPI Supply Chain, Solana Theft

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching

Do Son June 2, 2025

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack on the Python Package Index (PyPI)...

Warning: Fake AI Tools Spread CyberLock Ransomware and Numero Destructive Malware

Do Son May 30, 2025

As artificial intelligence continues to revolutionize industries, cybercriminals are exploiting the growing demand for AI-driven tools by...

Warning: Thousands of Ads Promote Fake AI Video Tools Distributing Malware

Do Son May 29, 2025

As artificial intelligence tools rise in popularity, so too does their abuse by cybercriminals. A recent investigation...

Beware Katz Stealer: Sophisticated Malware-as-a-Service Steals Everything

Do Son May 29, 2025

A newly analyzed variant of the Katz Stealer malware has been dissected by the Nextron Threat Research...

New macOS Infostealer: AppleProcessHub Uses Objective-C to Steal Developer Data

Do Son May 27, 2025

A stealthy new macOS infostealer named AppleProcessHub has attracted a lot of attention from security experts, with...

DOUBLELOADER Malware Uses ALCATRAZ Obfuscator to Evade Detection DOUBLELOADER malware, ALCATRAZ obfuscator

DOUBLELOADER Malware Uses ALCATRAZ Obfuscator to Evade Detection

Do Son May 26, 2025

Elastic Security Labs has identified a new malware family dubbed “DOUBLELOADER” that leverages ALCATRAZ—a game-hacking inspired obfuscator—to...

Stealthy Data Theft: Hackers Use Legitimate DB Client Tools for Exfiltration

Do Son May 25, 2025

In recent breach incidents, threat actors have evolved their methods beyond traditional intrusion tactics, now opting for...

AI-Generated Malware: TikTok Videos Push Infostealers with PowerShell Commands TikTok malware, AI-generated malware

AI-Generated Malware: TikTok Videos Push Infostealers with PowerShell Commands

Do Son May 24, 2025

Trend Micro reveals a growing threat on TikTok, where AI-generated videos deceive users into running malicious PowerShell...

Warning: New Malvertising Campaign Uses Fake Cloudflare Pages to Deliver Malware Fake Cloudflare page, WordPress theme malware

Warning: New Malvertising Campaign Uses Fake Cloudflare Pages to Deliver Malware

Do Son May 24, 2025

A new wave of deceptive attacks is weaponizing the trusted Cloudflare brand to deliver Windows-based malware through...

DanaBot Takedown: 16 Indicted for $50M Malware Operation DanaBot takedown, cybercrime charges

DanaBot Takedown: 16 Indicted for $50M Malware Operation

Do Son May 23, 2025

The U.S. Department of Justice has unsealed charges against 16 individuals allegedly behind the DanaBot malware operation,...