malware Archives • Page 15 of 28 • Daily CyberSecurity

New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems ter

New macOS.ZuRu Variant Uses Trojanized Termius App to Infiltrate Systems

Ddos July 11, 2025

A newly uncovered variant of the notorious macOS.ZuRu malware is now using a trojanized version of Termius,...

DoNot APT Expands to Europe: Targets Foreign Ministry with LoptikMod Malware via Google Drive Phishing DoNot APT, European Cyberespionage

DoNot APT Expands to Europe: Targets Foreign Ministry with LoptikMod Malware via Google Drive Phishing

Ddos July 11, 2025

In a newly uncovered campaign, the DoNot APT group—also tracked as APT-C-35, Mint Tempest, Origami Elephant, and...

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS AMOS, macOS backdoor

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS

Ddos July 10, 2025

In a disturbing evolution of macOS malware, Moonlock Lab has discovered that Atomic macOS Stealer (AMOS)—already notorious...

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Ddos July 9, 2025

Researchers at ReversingLabs (RL) have uncovered a supply chain compromise of the popular ETHcode extension for Visual...

Anatsa Resurfaces: Banking Trojan Targets North America via Google Play

Ddos July 9, 2025

The Anatsa Android banking trojan, one of the most advanced mobile malware threats active today, is back...

NetSupport RAT Returns: Weaponized via WordPress & “ClickFix” for Remote Access NetSupport RAT, ClickFix Technique

NetSupport RAT Returns: Weaponized via WordPress & “ClickFix” for Remote Access

Ddos July 8, 2025

Recently, security researchers at the Cybereason Global Security Operations Center (GSOC) discovered a highly deceptive malware campaign...

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining RedLine Stealer, Inno Setup Exploit

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining

Ddos July 8, 2025

In a recent technical deep dive, the Splunk Threat Research Team (STRT) dissected a multi-stage malware campaign...

NordDragonScan: New Infostealer Hits Via Weaponized HTAs, Stealing Browser Data & Documents! NordDragonScan, Infostealer

NordDragonScan: New Infostealer Hits Via Weaponized HTAs, Stealing Browser Data & Documents!

Ddos July 8, 2025

FortiGuard Labs has issued a critical alert regarding a new and actively exploited infostealer malware campaign. Dubbed...

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected XMRig Cryptojacking, LOLBAS

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected

Ddos July 8, 2025

A new wave of XMRig-based cryptojacking malware is making headlines again—leveraging simple scripting, LOLBAS techniques, and stealthy...

XwormRAT Resurfaces with Steganography-Powered Attack Chain

Ddos July 8, 2025

The AhnLab Security Intelligence Center (ASEC) has raised fresh concerns over the reemergence of XwormRAT, a notorious...

Hpingbot: New Go-Based Botnet Leverages Pastebin & Hping3 for Stealthy Attacks

Ddos July 7, 2025

NSFOCUS Fuying Lab uncovered a rapidly evolving botnet family named Hpingbot. Written in Go and targeting both...

APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools APT36 Linux, BOSS Linux

APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools

Ddos July 7, 2025

A newly uncovered campaign by Pakistani threat actor APT36, also known as Transparent Tribe, reveals a significant...

XWorm’s Shape-Shifting Arsenal: RAT Evolves to Deliver LockBit Ransomware, Evades Detection GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

XWorm’s Shape-Shifting Arsenal: RAT Evolves to Deliver LockBit Ransomware, Evades Detection

Ddos July 7, 2025

XWorm, a name increasingly familiar in threat intelligence circles, has once again proven its status as a...

Malicious Firefox Extensions Unmasked: Fake Games, VPNs, & Calendar Tools Hijack Traffic, Steal Crypto & OAuth Tokens Firefox Extensions, Malware Campaign

Malicious Firefox Extensions Unmasked: Fake Games, VPNs, & Calendar Tools Hijack Traffic, Steal Crypto & OAuth Tokens

Ddos July 7, 2025

A new report by the Socket Threat Research Team has uncovered a sprawling network of malicious Firefox...

SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers SHELLTER, Infostealers

SHELLTER Evasion Framework Abused: Elite v11.0 Packages LUMMA, RHADAMANTHYS, ARECHCLIENT2 Infostealers

Ddos July 7, 2025

Elastic Security Labs has uncovered multiple malware campaigns leveraging the SHELLTER evasion framework—a product originally designed to...

Stealthy WordPress Malware Uncovered: SEO Spam Plugin Mimics Your Domain to Evade Detection WordPress Malware, SEO Spam

Stealthy WordPress Malware Uncovered: SEO Spam Plugin Mimics Your Domain to Evade Detection

Ddos July 4, 2025

In a recent investigation, Kayleigh Martin, a Security Analyst at Sucuri, uncovered a cunning new tactic used...

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours Exploit Jupyter Notebooks

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

Ddos July 4, 2025

The Wiz Research Team has uncovered a stealthy and rapidly executed exploitation chain leveraging a misconfigured Java...

NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS! NimDoor, macOS Malware

NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS!

Ddos July 3, 2025

A new wave of North Korean cyberattacks is exploiting macOS systems in Web3 and cryptocurrency startups using...

Qwizzserial: Telegram-Driven Android SMS Stealer Infects 100,000 Devices Android Malware, Qwizzserial

Qwizzserial: Telegram-Driven Android SMS Stealer Infects 100,000 Devices

Ddos July 3, 2025

A newly uncovered Android malware family named Qwizzserial is wreaking havoc across Uzbekistan, stealing sensitive financial data...

Linux Servers Hijacked: Attackers Install Legitimate Proxy Software for Covert Operations Linux Proxy Malware, Legitimate Tool Abuse

Linux Servers Hijacked: Attackers Install Legitimate Proxy Software for Covert Operations

Ddos July 3, 2025

The AhnLab SEcurity intelligence Center (ASEC) has uncovered a series of attacks on poorly secured Linux servers,...

Critical Alert 2 Active Exploits Detected Today