Malware Analysis Archives • Page 2 of 7 • Daily CyberSecurity

Broken by Design: How VECT 2.0 Ransomware Becomes a Permanent Data Wiper VECT

Broken by Design: How VECT 2.0 Ransomware Becomes a Permanent Data Wiper

Do Son April 30, 2026

A new investigation by Check Point Research (CPR) has revealed that the “ambitious” VECT 2.0 ransomware—currently targeting...

Tactical Evolution: Trigona Ransomware Debuts Custom Exfiltration Armory Trigona Ransomware Custom Exfiltration Tool

Tactical Evolution: Trigona Ransomware Debuts Custom Exfiltration Armory

Do Son April 25, 2026

The ransomware landscape is witnessing a sophisticated shift in how data is stolen. While most cybercriminal groups...

Harvester APT Goes Cross-Platform: New Linux Backdoor Abuses Microsoft Graph API Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Goes Cross-Platform: New Linux Backdoor Abuses Microsoft Graph API

Do Son April 24, 2026

The sophisticated threat actor known as Harvester is expanding its horizons. Traditionally known for targeting Windows environments,...

The Lotus Evolves: Mustang Panda Targets Indian Banks in a New Espionage Pivot Mustang Panda LOTUSLITE Financial Cyber-Espionage

The Lotus Evolves: Mustang Panda Targets Indian Banks in a New Espionage Pivot

Do Son April 23, 2026

The Acronis Threat Research Unit (TRU) has identified a significant shift in the operations of Mustang Panda,...

Lotus Wiper: A Destructive New Threat Strikes Venezuela’s Energy Sector Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper: A Destructive New Threat Strikes Venezuela’s Energy Sector

Do Son April 23, 2026

A novel and devastating file wiper has been discovered targeting critical infrastructure in South America. Against the...

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike Checkmarx Supply Chain Attack TeamPCP

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike

Do Son April 23, 2026

The cybersecurity world is facing a sprawling supply chain compromise as official distribution channels for Checkmarx, a...

PureRAT Unmasked: The Stealthy, Multi-Stage “Dynamic Loader” Targeting Windows PureRAT Malware Steganography Evasion

PureRAT Unmasked: The Stealthy, Multi-Stage “Dynamic Loader” Targeting Windows

Do Son April 23, 2026

The Trellix Advanced Research Center has released an in-depth analysis of PureRAT, an advanced remote access trojan...

RondoDox Botnet Hijacks Everything from IoT to Fortnite RondoDox Botnet Nanomite Anti-Debugging

RondoDox Botnet Hijacks Everything from IoT to Fortnite

Do Son April 21, 2026

A new deep-dive analysis from BitSight has unmasked the RondoDox Botnet, a sophisticated and rapidly evolving threat...

New “PowMix” Botnet Preys on Czech Workforce with Lure of Compliance PowMix Botnet AMSI Bypass

New “PowMix” Botnet Preys on Czech Workforce with Lure of Compliance

Do Son April 20, 2026

Cybersecurity researchers have exposured the curtain on a sophisticated, previously undocumented botnet that has been silently compromising...

OpenAI’s GPT-5.4-Cyber Challenges the “Superhuman” Hacking of Claude Mythos

Do Son April 16, 2026

Anthropic previously inaugurated Claude Mythos for a select cadre of preeminent technology firms. This model is primarily...

VIPERTUNNEL Hijacks Python for Stealthy Ransomware Access VIPERTUNNEL Backdoor Python Persistence Tactics

VIPERTUNNEL Hijacks Python for Stealthy Ransomware Access

Do Son April 16, 2026

A recent investigation into a DragonForce ransomware engagement has pulled back the curtain on a highly sophisticated...

JanelaRAT Uses Fake Windows Updates to Empty LATAM Bank Accounts JanelaRAT LATAM Banking Malware

JanelaRAT Uses Fake Windows Updates to Empty LATAM Bank Accounts

Do Son April 15, 2026

In the diverse ecosystem of Latin American cybercrime, one threat continues to refine its ability to peer...

Inside the Masjesu IoT Botnet’s 3-Year Stealth Reign Masjesu Botnet IoT DDoS Protection

Inside the Masjesu IoT Botnet’s 3-Year Stealth Reign

Do Son April 14, 2026

Trellix ARC has released a deep dive into the Masjesu botnet, a threat that has redefined stealth...

Qilin’s “EDR Killer” Dismantles 300+ Security Drivers EDR Killer Qilin Ransomware

Qilin’s “EDR Killer” Dismantles 300+ Security Drivers

Do Son April 9, 2026

A technical deep-dive from Cisco Talos has exposed a sophisticated “EDR killer” deployed during Qilin ransomware attacks,...

Zero-Day Alert: Sophisticated PDF Exploit Targets Adobe Reader for Massive Data Theft Adobe Reader Zero-Day PDF Exploit

Zero-Day Alert: Sophisticated PDF Exploit Targets Adobe Reader for Massive Data Theft

Do Son April 8, 2026

A highly-sophisticated zero-day exploit has been discovered targeting Adobe Reader users, allowing attackers to steal local files...

The Python Pivot: Kimsuky’s New Multi-Stage LNK Maze for Stealthy Backdoors Kimsuky Multi-stage LNK

The Python Pivot: Kimsuky’s New Multi-Stage LNK Maze for Stealthy Backdoors

Do Son April 8, 2026

The notorious Kimsuky threat group is refining its arsenal, shifting toward more complex, multi-stage execution chains to...

Venom Stealer Bypasses Chrome and “Auto-Cracks” Tonkeeper Wallets Venom Stealer Crypto Drainer MaaS

Venom Stealer Bypasses Chrome and “Auto-Cracks” Tonkeeper Wallets

Do Son April 8, 2026

A new Malware-as-a-Service (MaaS) platform is making waves in the cybercrime underground, promising operators an automated pipeline...

Malicious VeloraDEX SDK Compromises Developer Machines via npm npm Supply Chain Attack @velora-dex/sdk Malware

Malicious VeloraDEX SDK Compromises Developer Machines via npm

Do Son April 8, 2026

Security researchers at StepSecurity have sounded the alarm on a compromised version of the @velora-dex/sdk package. On...

Trolling as a Service: How the New CrystalX RAT Uses “Prankware” to Torture Its Victims CrystalX RAT Prankware

Trolling as a Service: How the New CrystalX RAT Uses “Prankware” to Torture Its Victims

Do Son April 7, 2026

In the world of cybercrime, malware is typically designed for one of two things: stealthy espionage or...

The Evolution of an Infostealer: Xloader 8.7 Unmasked Xloader Malware Information Stealer Phantom Stealer v3.5.0 DLL Sideloading Attack

The Evolution of an Infostealer: Xloader 8.7 Unmasked

Do Son April 7, 2026

ThreatLabz has released a deep-dive analysis into the latest iterations of Xloader, a notorious information-stealing malware that...