malware Archives • Page 17 of 28 • Daily CyberSecurity

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks CVE-2024-3393 - Zservers sanctions

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks

Ddos June 24, 2025

A new report from EnkiWhiteHat has unveiled a sophisticated cyber espionage operation that leverages GitHub private repositories,...

CoinMarketCap Hacked: “Doodle” Graphic Delivers Malware, Stealing $43K+ from User Wallets CoinMarketCap Hack, Inferno Drainer CVE-2024-53677 PoC Exploit

CoinMarketCap Hack, Inferno Drainer CVE-2024-53677 PoC Exploit

CoinMarketCap Hacked: “Doodle” Graphic Delivers Malware, Stealing $43K+ from User Wallets

Ddos June 23, 2025

On June 20, 2025, CoinMarketCap (CMC)—a trusted name in the crypto ecosystem—fell victim to a highly coordinated...

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign Confucius APT, Anondoor Backdoor

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

Ddos June 23, 2025

The Confucius APT group—long associated with cyber-espionage operations targeting government and military organizations in South and East...

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus Prometei Botnet, Linux Malware

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus

Ddos June 23, 2025

In March 2025, researchers at Palo Alto Networks’ Unit 42 uncovered a resurgence of the Prometei botnet,...

NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls Fortinet Malware, Cyber-Espionage

NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls

Ddos June 23, 2025

A new malware campaign dubbed UMBRELLA STAND has been uncovered by the UK’s National Cyber Security Centre...

North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft Visualization of attack chain

North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft

Ddos June 23, 2025

Huntress exposes a sophisticated intrusion by North Korean threat actor TA444, using a fake Zoom extension, AppleScript...

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign! Shadow Vector, RAT Malware

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign!

Ddos June 23, 2025

The Acronis Threat Research Unit (TRU) has uncovered a stealthy and technically mature malware campaign dubbed Shadow...

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery

Ddos June 20, 2025

A newly uncovered malicious campaign, dubbed SERPENTINE#CLOUD, leverages Cloudflare Tunnel subdomains to deliver payloads via phishing email...

Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers Android Spyware, SpyNote

Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers

Ddos June 20, 2025

At times, a seemingly innocuous open server on the internet can pose far greater danger than it...

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

Ddos June 20, 2025

According to a new report from Proofpoint, a previously known threat, ACR Stealer, has been reborn under...

Banana Squad Strikes Again: 60+ GitHub Repositories Trojanized in New Software Supply Chain Attack

Ddos June 20, 2025

A newly uncovered software supply chain campaign by the threat group Banana Squad has compromised more than...

Stargazers Ghost Network: Minecraft Mods Used to Distribute Multi-Stage Stealers via GitHub

Ddos June 20, 2025

A new report from Check Point Research exposes a sophisticated malware campaign that has weaponized the modding...

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign Silver Fox APT, Cyber Espionage

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign

Ddos June 20, 2025

A newly surfaced report from Picus has shed light on Silver Fox (a.k.a. Void Arachne or The...

ComfyUI Under Attack: “Pickai” C++ Backdoor Compromises 700+ AI Image Generation Servers Globally

Ddos June 20, 2025

In a concerning development for AI infrastructure security, XLab has uncovered an active exploitation campaign targeting ComfyUI—a...

Elastic Uncovers Stealthy Campaign Using GHOSTPULSE and ARECHCLIENT2 Malware Fake captcha

Elastic Uncovers Stealthy Campaign Using GHOSTPULSE and ARECHCLIENT2 Malware

Ddos June 19, 2025

Elastic Security Labs has revealed a highly sophisticated multi-stage attack chain exploiting a social engineering method dubbed...

XDSpy Resurfaces: Stealthy Cyber-Espionage Campaign Targets Governments with Obscure Windows LNK Flaw

Ddos June 19, 2025

After years of operating in near-total obscurity, the cyber-espionage group XDSpy has resurfaced in a sophisticated campaign...

Taiwan Under Attack: Sophisticated Phishing Campaign Delivers Winos 4.0, HoldingHands RAT, & Gh0stCringe Taiwan Cyberattack, Phishing Campaign

Taiwan Under Attack: Sophisticated Phishing Campaign Delivers Winos 4.0, HoldingHands RAT, & Gh0stCringe

Ddos June 18, 2025

In a detailed investigation published by FortiGuard Labs, a persistent and highly coordinated malware campaign has been...

KimJongRAT Returns: New PE & PowerShell Variants Steal Crypto and Browser Data via CDNs

Ddos June 18, 2025

Unit 42 has uncovered two newly evolved variants of the KimJongRAT malware, one using traditional PE (Portable...

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign Team46 APT, Google Chrome Zero-Day

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

Ddos June 17, 2025

In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC)...

Water Curse: GitHub Supply Chain Attack Spreads Malware via Fake Tools, Targets Devs & Gamers

Ddos June 17, 2025

In a sweeping campaign that blends social engineering with software subversion, a newly identified threat actor dubbed...

Critical Alert 2 Active Exploits Detected Today