malware

ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments

Ddos August 29, 2025

Group-IB analysts, in cooperation with CERT-KG, have published new research exposing the activities of a threat cluster...

Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack Nx supply chain attack

Nx supply chain attack

Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack

Ddos August 27, 2025

The StepSecurity research team has issued a warning about a large-scale supply chain attack involving the popular...

End of Anonymous Sideloading: Google to Require Developer Verification on Android Sideloading, Android security

Sideloading, Android security

End of Anonymous Sideloading: Google to Require Developer Verification on Android

Ddos August 27, 2025

Google has announced the introduction of a new security measure for the Android ecosystem: in the future,...

Hook v3: The Banking Trojan That’s Evolving into a Hybrid Ransomware-Spyware Threat Hook malware, Android trojan

Hook malware, Android trojan

Hook v3: The Banking Trojan That’s Evolving into a Hybrid Ransomware-Spyware Threat

Ddos August 27, 2025

The zLabs research team at Zimperium has uncovered a dangerous new evolution of the Hook Android banking...

Google Threat Intelligence Exposes UNC6384’s Stealthy Espionage Campaign UNC6384, cyber-espionage

UNC6384, cyber-espionage

Google Threat Intelligence Exposes UNC6384’s Stealthy Espionage Campaign

Ddos August 27, 2025

Google Threat Intelligence Group (GTIG) uncovered a complex, multi-stage cyber-espionage campaign attributed to the PRC-linked threat actor...

SpyNote’s New Lure: The Stealthy Campaign Using Fake App Stores Android RAT, SpyNote

Android RAT, SpyNote

SpyNote’s New Lure: The Stealthy Campaign Using Fake App Stores

Ddos August 27, 2025

Researchers at DomainTools have uncovered a persistent SpyNote Android Remote Access Trojan (RAT) campaign, where threat actors...

FortiGuard Labs Uncovers Global Phishing Campaign Using UpCrypter to Deploy RATs Phishing campaign, UpCrypter

Phishing campaign, UpCrypter

FortiGuard Labs Uncovers Global Phishing Campaign Using UpCrypter to Deploy RATs

Ddos August 26, 2025

FortiGuard Labs has uncovered a rapidly spreading phishing campaign that leverages carefully crafted emails and fake websites...

Beyond Banks: Android Malware Is Getting Smarter to Bypass Google Play Protect CVE-2023-20951 Honor Update

CVE-2023-20951 Honor Update

Beyond Banks: Android Malware Is Getting Smarter to Bypass Google Play Protect

Ddos August 26, 2025

Droppers—seemingly harmless apps that secretly deliver malware—have long been a key part of Android cybercrime. But according...

Expel Uncovers Malicious PUP Ecosystem Masquerading as Free Utility Apps Potentially unwanted program, residential proxy

Potentially unwanted program, residential proxy

Expel Uncovers Malicious PUP Ecosystem Masquerading as Free Utility Apps

Ddos August 26, 2025

For years, potentially unwanted programs (PUPs) have been associated with nuisance-level behavior—displaying ads, installing toolbars, or collecting...

Beyond Windows: Pakistan’s APT36 Group Is Now Attacking Linux Systems with Stealthy Malware AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Beyond Windows: Pakistan’s APT36 Group Is Now Attacking Linux Systems with Stealthy Malware

Ddos August 26, 2025

The Pakistan-linked threat group APT36—also known as Transparent Tribe, Mythic Leopard, Earth Karkaddan, or Operation C-Major—has re-emerged...

A New Linux Malware Hides in Plain Sight by Weaponizing File Names Linux-filenames

Linux-filenames

A New Linux Malware Hides in Plain Sight by Weaponizing File Names

Ddos August 25, 2025

Linux has long been considered a fortress of security—a preferred platform for developers, system administrators, and security...

Anatsa Android Trojan Expands Its Global Reach and Targets 831 Financial Apps Android malware, Anatsa

Android malware, Anatsa

Anatsa Android Trojan Expands Its Global Reach and Targets 831 Financial Apps

Ddos August 25, 2025

The Android ecosystem continues to face persistent threats from sophisticated banking trojans. The Zscaler ThreatLabz team, which...

Gayfemboy Botnet Resurfaces with Advanced Evasion and New Targets ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Gayfemboy Botnet Resurfaces with Advanced Evasion and New Targets

Ddos August 25, 2025

FortiGuard Labs has been closely tracking a stealthy new malware strain known as Gayfemboy. Initially disclosed by...

BQTLock: A New Ransomware-as-a-Service Operation Blending Marketing and Malware Ransomware-as-a-Service, BQTLock

Ransomware-as-a-Service, BQTLock

BQTLock: A New Ransomware-as-a-Service Operation Blending Marketing and Malware

Ddos August 25, 2025

A new ransomware strain has entered the cybercrime marketplace, blending technical sophistication with aggressive marketing. Researchers at...

YouTube Downloader Sites Are Now Hiding Proxyware to Hijack Your Bandwidth

Proxyware

YouTube Downloader Sites Are Now Hiding Proxyware to Hijack Your Bandwidth

Ddos August 23, 2025

Cybercriminals are once again exploiting popular online habits—this time leveraging YouTube video download sites as bait for...

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam Go module, SSH brute-force scam

Go module, SSH brute-force scam

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam

Ddos August 23, 2025

The open-source ecosystem has once again been exploited to distribute malicious software. Socket’s Threat Research Team has...

UAC-0057 Targets Ukraine and Poland with Weaponized Archives and Evolving Implants BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

UAC-0057 Targets Ukraine and Poland with Weaponized Archives and Evolving Implants

Ddos August 22, 2025

In a newly released report, French cybersecurity firm HarfangLab has revealed details of two interconnected cyber espionage...

ClickFix and CORNFLAKE.V3: Mandiant Uncovers a New Wave of Access-as-a-Service Campaigns ClickFix, UNC5518

ClickFix, UNC5518

ClickFix and CORNFLAKE.V3: Mandiant Uncovers a New Wave of Access-as-a-Service Campaigns

Ddos August 22, 2025

Mandiant researchers have uncovered a sophisticated cybercrime operation where compromised websites are weaponized with fake CAPTCHA pages...

AI’s Dark Side: How a New Website Builder Is Fueling a Surge in Cybercrime AI cybercrime, phishing

AI cybercrime, phishing

AI’s Dark Side: How a New Website Builder Is Fueling a Surge in Cybercrime

Ddos August 21, 2025

Artificial intelligence is lowering the barrier to cybercrime. According to a new report by Proofpoint, threat actors...

IBM X-Force Exposes the Stealthy QuirkyLoader Malware Malware loader, QuirkyLoader

Malware loader, QuirkyLoader

IBM X-Force Exposes the Stealthy QuirkyLoader Malware

Ddos August 21, 2025

IBM X-Force researchers have identified a new loader malware, dubbed QuirkyLoader, that is being used to deliver...