malware Archives • Page 11 of 28 • Daily CyberSecurity

UAC-0057 Targets Ukraine and Poland with Weaponized Archives and Evolving Implants BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

UAC-0057 Targets Ukraine and Poland with Weaponized Archives and Evolving Implants

Do Son August 22, 2025

In a newly released report, French cybersecurity firm HarfangLab has revealed details of two interconnected cyber espionage...

ClickFix and CORNFLAKE.V3: Mandiant Uncovers a New Wave of Access-as-a-Service Campaigns ClickFix, UNC5518

ClickFix and CORNFLAKE.V3: Mandiant Uncovers a New Wave of Access-as-a-Service Campaigns

Do Son August 22, 2025

Mandiant researchers have uncovered a sophisticated cybercrime operation where compromised websites are weaponized with fake CAPTCHA pages...

AI’s Dark Side: How a New Website Builder Is Fueling a Surge in Cybercrime AI cybercrime, phishing

AI’s Dark Side: How a New Website Builder Is Fueling a Surge in Cybercrime

Do Son August 21, 2025

Artificial intelligence is lowering the barrier to cybercrime. According to a new report by Proofpoint, threat actors...

IBM X-Force Exposes the Stealthy QuirkyLoader Malware Malware loader, QuirkyLoader

IBM X-Force Exposes the Stealthy QuirkyLoader Malware

Do Son August 21, 2025

IBM X-Force researchers have identified a new loader malware, dubbed QuirkyLoader, that is being used to deliver...

Inside the “Traffer” Economy: How a Thriving Cybercrime Ecosystem Professionalized Data Theft

Do Son August 21, 2025

The global cybercrime economy continues to expand, with new players and organizational structures emerging to maximize profits...

How Attackers Exploit and Then Patch a Vulnerability to Hide in Linux Systems Apache ActiveMQ, self-patching malware

How Attackers Exploit and Then Patch a Vulnerability to Hide in Linux Systems

Do Son August 21, 2025

Red Canary has revealed a sophisticated attack campaign targeting cloud-based Linux systems through a critical remote code...

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation Supply chain attack

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation

Do Son August 21, 2025

Zscaler’s ThreatLabz team has issued a warning after uncovering a malicious Python package on the Python Package...

Spies in Your Skype: GodRAT Malware Uses Steganography to Target Financial Firms Cyber-espionage, GodRAT

Spies in Your Skype: GodRAT Malware Uses Steganography to Target Financial Firms

Do Son August 20, 2025

Kaspersky Labs has identified a sophisticated cyber-espionage campaign targeting financial institutions, particularly trading and brokerage firms, through...

A ChatGPT App Is Hiding a Backdoor: Microsoft Exposes the PipeMagic Malware PipeMagic, Ransomware

A ChatGPT App Is Hiding a Backdoor: Microsoft Exposes the PipeMagic Malware

Do Son August 20, 2025

Microsoft Threat Intelligence has uncovered PipeMagic, a sophisticated modular backdoor used by the financially motivated threat actor...

Beyond AI Lures: Noodlophile Stealer Evolves with Stealthy Copyright Phishing Infostealer, Noodlophile

Beyond AI Lures: Noodlophile Stealer Evolves with Stealthy Copyright Phishing

Do Son August 20, 2025

The Noodlophile Stealer, a malware family first exposed for distributing through fake AI video-generation platforms, has resurfaced...

“Lazarus Stealer”: A New Android Trojan Is Stealing Financial Data from Russian Banks Android malware, banking trojan Lazarus Stealer

“Lazarus Stealer”: A New Android Trojan Is Stealing Financial Data from Russian Banks

Do Son August 20, 2025

A new CYFIRMA report has revealed the discovery of Lazarus Stealer, a highly sophisticated Android malware designed...

7.8 PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits Backdoor, PipeMagic CVE-2025-29824

7.8 PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits

Do Son August 19, 2025

Kaspersky Labs has released a new report shedding light on the persistent threat posed by PipeMagic, a...

CrossC2 and ReadNimeLoader: Inside the Multi-Stage Intrusions Targeting Linux and Windows Environments Cross-platform attacks, Cobalt Strike

CrossC2 and ReadNimeLoader: Inside the Multi-Stage Intrusions Targeting Linux and Windows Environments

Do Son August 18, 2025

Between September and December 2024, JPCERT/CC uncovered a sophisticated cyber campaign leveraging CrossC2, an extension tool designed...

REVENANT: The Experimental Framework That Infects AI Models and Evades Traditional Defenses Experimental attack framework, AI security

REVENANT: The Experimental Framework That Infects AI Models and Evades Traditional Defenses

Do Son August 18, 2025

In a new report, CYFIRMA has detailed an experimental attack framework called REVENANT, which demonstrates how adversaries...

Dodi Repacks Malware: Why Your Adblocker Won’t Save You Battlefield 6 Malware, Fake Game Cracks

Dodi Repacks Malware: Why Your Adblocker Won’t Save You

Do Son August 18, 2025

Pirated games have long been a risky endeavor, but recent research from Trellix reveals just how dangerous...

Phishing Attack on Popular npm Package Triggers Supply Chain Compromise npm supply chain, phishing attack

Phishing Attack on Popular npm Package Triggers Supply Chain Compromise

Do Son August 16, 2025

A recent investigation by ReversingLabs has revealed how a targeted phishing attack led to the compromise of...

A New Threat: Unmasking Crypto24 Ransomware’s Stealthy Toolkit INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

A New Threat: Unmasking Crypto24 Ransomware’s Stealthy Toolkit

Do Son August 15, 2025

Trend Micro’s latest research sheds light on Crypto24, a highly coordinated ransomware operation that blends legitimate administrative...

An Ethereum Dev’s Wallet Drained by a Fake AI Extension Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

An Ethereum Dev’s Wallet Drained by a Fake AI Extension

Do Son August 15, 2025

It turns out that even seasoned professionals are not entirely immune to the deceptive tactics of phishing...

A Blast from the Past: Why a 2017 Office Flaw Still Haunts Enterprises Today Microsoft Office, CVE-2017-11882

A Blast from the Past: Why a 2017 Office Flaw Still Haunts Enterprises Today

Do Son August 15, 2025

Under normal circumstances, software developers recommend that users promptly update to the latest version after a release....

“Curly COMrades” Group Unmasked: Russian Threat Actors Deploy New Backdoor in Geopolitical Espionage Campaign Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

“Curly COMrades” Group Unmasked: Russian Threat Actors Deploy New Backdoor in Geopolitical Espionage Campaign

Do Son August 14, 2025

Bitdefender Labs has uncovered a new cyber-espionage group, dubbed “Curly COMrades”, believed to operate in support of...