Lumma Stealer Archives • Daily CyberSecurity

AuraStealer: The “Result-Oriented” Malware Rising from the Post-Lumma Void AuraStealer Malware Infostealer

AuraStealer: The “Result-Oriented” Malware Rising from the Post-Lumma Void

Do Son March 4, 2026

Following the high-profile takedown of the Lumma stealer infrastructure in 2025, a new threat is rapidly maneuvering...

Game Over: “RenEngine” Malware Hides in Pirated Visual Novels RenEngine Malware Pirated Games Security

Game Over: “RenEngine” Malware Hides in Pirated Visual Novels

Do Son February 17, 2026

A new malware campaign is turning the quest for free games into a nightmare for players. A...

Itch.io Targeted: Lumma Stealer Deployed Via Fake Updates and Reflective Node.js Loader Itch.io Lumma Stealer, Reflective Node.js Loader

Itch.io Targeted: Lumma Stealer Deployed Via Fake Updates and Reflective Node.js Loader

Do Son December 10, 2025

A sophisticated malware campaign has infiltrated the indie gaming platform Itch.io, using deceptive “game update” lures to...

Lumma Stealer Resurfaces After Doxxing with New Browser Fingerprinting to Target High-Value Victims Lumma Browser Fingerprinting, Infostealer Resurgence

Lumma Browser Fingerprinting, Infostealer Resurgence

Lumma Stealer Resurfaces After Doxxing with New Browser Fingerprinting to Target High-Value Victims

Do Son November 17, 2025

Trend Micro researchers have observed a significant resurgence in Lumma Stealer activity—also tracked as Water Kurita—despite a...

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks

Do Son September 16, 2025

Cybercriminals are increasingly relying on malware loaders to gain initial access, evade defenses, and deliver sophisticated payloads....

GitHub Malware Campaign: SmartLoader Poses as Game Cheats to Steal Data SmartLoader, Malware

GitHub Malware Campaign: SmartLoader Poses as Game Cheats to Steal Data

Do Son August 13, 2025

The AhnLab SEcurity intelligence Center (ASEC) has uncovered a large-scale malware distribution campaign leveraging GitHub to spread...

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub Lumma Stealer, Malware Resurgence

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub

Do Son July 23, 2025

The Lumma Stealer malware suffered a massive takedown in May 2025, with over 2,300 malicious domains seized....

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer GitHub Malware, Supply Chain Attack

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

Do Son July 14, 2025

Cybercriminals are once again exploiting the trust users place in popular platforms like GitHub to spread sophisticated...

AI Hype Exploited: Black Hat SEO Campaign Poisons Search Results to Deliver Vidar, Lumma & Legion Stealers Example AI-themed website designed to lure victims into installing malware

Example AI-themed website designed to lure victims into installing malware

AI Hype Exploited: Black Hat SEO Campaign Poisons Search Results to Deliver Vidar, Lumma & Legion Stealers

Do Son June 27, 2025

Zscaler ThreatLabz researchers have uncovered an elaborate malware campaign that weaponizes the popularity of artificial intelligence (AI)...

Hackers Leak 7.4 Million Paraguayan Citizen Records, Demand $1 Per Person Ransom Paraguay Data Breach, Ransomware

Hackers Leak 7.4 Million Paraguayan Citizen Records, Demand $1 Per Person Ransom

Do Son June 17, 2025

In one of the most audacious cyberattacks to ever target a sovereign nation, threat actors have leaked...

Dark Web Alert: Genesis Market Returns with Stealthy Browser Extension Attack Attack Tree

Dark Web Alert: Genesis Market Returns with Stealthy Browser Extension Attack

Do Son May 23, 2025

The Genesis Market, a notorious dark web marketplace dismantled by law enforcement in early 2023, appears to...

Europol & Microsoft Lead Global Takedown of Lumma Stealer, World’s Largest Infostealer Lumma Stealer takedown Cybercrime disruption

Europol & Microsoft Lead Global Takedown of Lumma Stealer, World’s Largest Infostealer

Do Son May 22, 2025

Europol’s European Cybercrime Centre (EC3) and Microsoft’s Digital Crimes Unit (DCU) have successfully disrupted the Lumma Stealer,...

CAPTCHA Trap: Fake Verification Unleashes Lumma Stealer on Unsuspecting Users

Do Son May 13, 2025

Sophos X-Ops has uncovered a cunning cybercrime campaign using fake CAPTCHA pages to trick users into running...

Lumma Stealer: Advanced Obfuscation and Evasion Techniques Analysis Lumma Stealer InfoStealer

Lumma Stealer: Advanced Obfuscation and Evasion Techniques Analysis

Do Son April 25, 2025

Lumma Stealer, a prevalent threat since its emergence in 2022, continues to evolve its tactics to evade...

Lumma Stealer: Unpacking Its Evasive Tactics and Complex Infection Chains Lumma Stealer Malware Distribution

Lumma Stealer: Unpacking Its Evasive Tactics and Complex Infection Chains

Do Son April 23, 2025

The cybercriminal landscape is constantly evolving, with Malware-as-a-Service (MaaS) lowering the bar for entry and information stealers...

ClearFake Malware Variant Exploits Web3 in New Attacks Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

ClearFake Malware Variant Exploits Web3 in New Attacks

Do Son March 19, 2025

A new variant of the ClearFake malware is exploiting Web3 capabilities to enhance its malicious operations, according...

Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware Booking Phishing Campaign

Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware

Do Son March 15, 2025

A sophisticated phishing campaign impersonating Booking.com is targeting organizations in the hospitality industry, using a novel social...

AI-Powered Deception: Fake GitHub Repositories Spread SmartLoader and Lumma Stealer

Do Son March 12, 2025

Trend Micro researchers have uncovered a new campaign that uses AI-generated content to create convincing fake GitHub...

Lumma Stealer Malware Expands Its Reach Through YouTube and Malvertising Lumma Stealer Youtube

Lumma Stealer Malware Expands Its Reach Through YouTube and Malvertising

Do Son February 25, 2025

Silent Push Threat Analysts have uncovered new developments in the spread of Lumma Stealer, a notorious infostealer...

Angry Likho APT Group Resurfaces with New Attacks and Advanced Malware Tactics Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Angry Likho APT Group Resurfaces with New Attacks and Advanced Malware Tactics

Do Son February 25, 2025

Kaspersky Labs has uncovered new activity from Angry Likho, an advanced persistent threat (APT) group that has...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Lumma Stealer

AuraStealer: The “Result-Oriented” Malware Rising from the Post-Lumma Void

Game Over: “RenEngine” Malware Hides in Pirated Visual Novels

Itch.io Targeted: Lumma Stealer Deployed Via Fake Updates and Reflective Node.js Loader

Lumma Stealer Resurfaces After Doxxing with New Browser Fingerprinting to Target High-Value Victims

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks

Lumma Stealer Resurfaces After Takedown: New Stealth Tactics Target Users via Fake Cracks, CAPTCHAs & GitHub

AI Hype Exploited: Black Hat SEO Campaign Poisons Search Results to Deliver Vidar, Lumma & Legion Stealers

Hackers Leak 7.4 Million Paraguayan Citizen Records, Demand $1 Per Person Ransom

Dark Web Alert: Genesis Market Returns with Stealthy Browser Extension Attack

Europol & Microsoft Lead Global Takedown of Lumma Stealer, World’s Largest Infostealer

Lumma Stealer: Advanced Obfuscation and Evasion Techniques Analysis

Lumma Stealer: Unpacking Its Evasive Tactics and Complex Infection Chains

ClearFake Malware Variant Exploits Web3 in New Attacks

Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware

AI-Powered Deception: Fake GitHub Repositories Spread SmartLoader and Lumma Stealer

Lumma Stealer Malware Expands Its Reach Through YouTube and Malvertising

Angry Likho APT Group Resurfaces with New Attacks and Advanced Malware Tactics