MaaS Archives • Page 2 of 3 • Daily CyberSecurity

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates

Do Son October 3, 2025

The WARMCOOKIE backdoor has resurfaced with new features, expanded infrastructure, and updated delivery mechanisms, according to a...

Olymp Loader: New Assembly-Based MaaS Is a Turnkey Solution for Low-Tier Cybercriminals Olymp Loader, MaaS

Olymp Loader: New Assembly-Based MaaS Is a Turnkey Solution for Low-Tier Cybercriminals

Do Son September 30, 2025

A new Malware-as-a-Service (MaaS) offering, dubbed Olymp Loader, is rapidly gaining traction in underground markets. First spotted...

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks

Do Son September 16, 2025

Cybercriminals are increasingly relying on malware loaders to gain initial access, evade defenses, and deliver sophisticated payloads....

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets Salat Stealer, MaaS

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets

Do Son September 9, 2025

CYFIRMA has released an in-depth analysis of Salat Stealer (also known as WEB_RAT), a sophisticated Go-based malware...

CastleBot: The New MaaS Framework Fueling Info-Stealer & Ransomware Attacks CastleBot, Malware-as-a-Service

CastleBot: The New MaaS Framework Fueling Info-Stealer & Ransomware Attacks

Do Son August 11, 2025

IBM X-Force has unveiled an in-depth analysis of CastleBot, a newly emerging Malware-as-a-Service (MaaS) framework that is...

The SocGholish Malware Economy: Stealthy “Fake Updates” Fuel a Global Cybercrime Ecosystem SocGholish, Initial Access Broker

The SocGholish Malware Economy: Stealthy “Fake Updates” Fuel a Global Cybercrime Ecosystem

Do Son August 8, 2025

Silent Push Threat Analysts have detailed one of today’s most pervasive cyber threats—SocGholish—exposing its deep ties to...

PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud Android RAT, PlayPraetor

PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud

Do Son August 5, 2025

A large-scale cyber fraud campaign is sweeping across continents, exploiting Android devices. Security researchers at Cleafy have...

NOVABLIGHT: New NodeJS Infostealer-as-a-Service Unmasked, Fueled by Fake Games & Disguised as “Educational” NOVABLIGHT, Infostealer MaaS

NOVABLIGHT: New NodeJS Infostealer-as-a-Service Unmasked, Fueled by Fake Games & Disguised as “Educational”

Do Son July 31, 2025

Elastic Security Labs has exposed the inner workings of NOVABLIGHT, a highly modular, NodeJS-based Malware-as-a-Service (MaaS) information...

Raven Stealer: New MaaS Infostealer Plunders Data via Reflective Process Hollowing & Telegram Exfil Raven Stealer, MaaS Infostealer

Raven Stealer: New MaaS Infostealer Plunders Data via Reflective Process Hollowing & Telegram Exfil

Do Son July 30, 2025

A recent in-depth analysis from Cyfirma has shed light on the alarming capabilities of Raven Stealer, a...

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service Cyber Stealer, Infostealer-Botnet

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service

Do Son July 28, 2025

The eSentire’s Threat Response Unit (TRU) has uncovered a rapidly evolving malware platform called Cyber Stealer—a full-fledged...

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected Katz Stealer, Info-Stealer MaaS

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected

Do Son July 21, 2025

In the crowded arena of information-stealing malware, Katz Stealer is quickly establishing itself as one of the...

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams

Do Son July 21, 2025

Matanbuchus, a well-known malware loader sold as Malware-as-a-Service (MaaS), has just leveled up. In its latest evolution—Matanbuchus...

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories GitHub MaaS, Emmenhtal Loader

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories

Do Son July 18, 2025

Cisco Talos has uncovered a multi-pronged Malware-as-a-Service (MaaS) operation exploiting public GitHub repositories to distribute a wide...

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data

Do Son June 20, 2025

The Swiss cybersecurity firm PRODAFT has unveiled detailed findings regarding a widespread malicious campaign involving an Android...

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

Do Son June 20, 2025

According to a new report from Proofpoint, a previously known threat, ACR Stealer, has been reborn under...

Stargazers Ghost Network: Minecraft Mods Used to Distribute Multi-Stage Stealers via GitHub

Do Son June 20, 2025

A new report from Check Point Research exposes a sophisticated malware campaign that has weaponized the modding...

Invoice to Infection: Sorillus RAT Campaign Strikes European Organizations

Do Son June 19, 2025

A fresh wave of targeted cyberattacks is sweeping across Europe, leveraging invoice-themed phishing emails and weaponizing legitimate...

Katz Stealer: New Stealthy MaaS Steals Everything, Hides in Images, and Hijacks Discord

Do Son June 16, 2025

In 2025, cybersecurity analysts witnessed the emergence of a sophisticated and highly evasive info-stealer known as Katz...

“DanaBleed” Flaw Exposes DanaBot’s Inner Workings for Three Years

Do Son June 11, 2025

DanaBot—an infamous Malware-as-a-Service (MaaS) operation—unwittingly sabotaged itself with a memory leak flaw eerily reminiscent of the infamous...

Beware Katz Stealer: Sophisticated Malware-as-a-Service Steals Everything

Do Son May 29, 2025

A newly analyzed variant of the Katz Stealer malware has been dissected by the Nextron Threat Research...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

MaaS

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates

Olymp Loader: New Assembly-Based MaaS Is a Turnkey Solution for Low-Tier Cybercriminals

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets

CastleBot: The New MaaS Framework Fueling Info-Stealer & Ransomware Attacks

The SocGholish Malware Economy: Stealthy “Fake Updates” Fuel a Global Cybercrime Ecosystem

PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud

NOVABLIGHT: New NodeJS Infostealer-as-a-Service Unmasked, Fueled by Fake Games & Disguised as “Educational”

Raven Stealer: New MaaS Infostealer Plunders Data via Reflective Process Hollowing & Telegram Exfil

Cyber Stealer: New Infostealer-Botnet Hybrid Offers Full Digital Plunder as a Service

Katz Stealer: The $100/Month MaaS Threat Plundering Digital Identities Undetected

GitHub Abused in Amadey MaaS Campaign: Talos Uncovers Malware-as-a-Service Network Leveraging Public Repositories

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

Stargazers Ghost Network: Minecraft Mods Used to Distribute Multi-Stage Stealers via GitHub

Invoice to Infection: Sorillus RAT Campaign Strikes European Organizations

Katz Stealer: New Stealthy MaaS Steals Everything, Hides in Images, and Hijacks Discord

“DanaBleed” Flaw Exposes DanaBot’s Inner Workings for Three Years

Beware Katz Stealer: Sophisticated Malware-as-a-Service Steals Everything