malware Archives • Page 24 of 28 • Daily CyberSecurity

Sophisticated Phishing Campaign Uses Multi-Layered Tactics to Deliver Malware Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Sophisticated Phishing Campaign Uses Multi-Layered Tactics to Deliver Malware

Ddos April 18, 2025

A recent report from Unit 42, the threat intelligence division of Palo Alto Networks, reveals a sophisticated...

Gamaredon’s PteroLNK Malware: Stealthy Espionage Tactics Uncovered Gamaredon, PteroLNK

Gamaredon’s PteroLNK Malware: Stealthy Espionage Tactics Uncovered

Ddos April 18, 2025

A recent deep-dive analysis by HarfangLab uncovers new insights into the persistent and ever-evolving operations of Gamaredon,...

Interlock Ransomware Uses Evolving Tactics to Evade Detection Interlock Ransomware, ClickFix

Interlock Ransomware Uses Evolving Tactics to Evade Detection

Ddos April 18, 2025

A new report by Sekoia Threat Detection & Research (TDR) details the activities of Interlock, a ransomware...

Node.js Misused in Malvertising Campaigns to Deliver Stealthy Malware Node.js malware, malvertising attacks

Node.js Misused in Malvertising Campaigns to Deliver Stealthy Malware

Ddos April 17, 2025

Microsoft Defender Experts (DEX) has observed a rise in malicious campaigns that use Node.js to deliver malware...

Novel Attack Uses Teams Phishing and Zero-Day TypeLib Hijacking Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Novel Attack Uses Teams Phishing and Zero-Day TypeLib Hijacking

Ddos April 17, 2025

In a concerning escalation of social engineering and persistence techniques, cybersecurity firm ReliaQuest has uncovered a new...

LummaStealer: The Evolution of a Sophisticated MaaS LummaStealer, Malware-as-a-Service

LummaStealer: The Evolution of a Sophisticated MaaS

Ddos April 17, 2025

Once a rising name in the stealer malware scene, LummaStealer has now evolved into one of the...

Waiting Thread Hijacking: A Stealthier Code Injection Technique Thread Hijacking Process Injection

Waiting Thread Hijacking: A Stealthier Code Injection Technique

Ddos April 16, 2025

Process injection is a technique frequently employed by attackers, with its variations appearing in numerous malware. This...

UNC5174: Chinese Threat Actor Deploys New VShell RAT in Campaign Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

UNC5174: Chinese Threat Actor Deploys New VShell RAT in Campaign

Ddos April 16, 2025

The Sysdig Threat Research Team (TRT) has uncovered a new campaign by the Chinese state-sponsored threat actor...

PasivRobber: In-Depth Analysis of Sophisticated macOS Malware GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

PasivRobber: In-Depth Analysis of Sophisticated macOS Malware

Ddos April 16, 2025

A recent discovery by Kandji’s research team has brought to light a sophisticated threat targeting macOS systems:...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Beware Fake PDF Converters: A Social Engineering Threat

Ddos April 16, 2025

In today’s digital age, online file converters have become indispensable tools for streamlining daily workflows. However, a...

BPFDoor Backdoor Used in Asia, Middle East Cyberespionage IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

BPFDoor Backdoor Used in Asia, Middle East Cyberespionage

Ddos April 16, 2025

A recent report by Trend Micro has uncovered a stealthy, state-sponsored backdoor called BPFDoor, which has been...

BRICKSTORM Backdoor Targets European Industries BRICKSTORM, Cyber Espionage

BRICKSTORM Backdoor Targets European Industries

Ddos April 16, 2025

In a recent technical expose, NVISO sheds light on BRICKSTORM, a stealthy espionage backdoor attributed to the...

ResolverRAT: New RAT Employs Advanced Evasion Techniques Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

ResolverRAT: New RAT Employs Advanced Evasion Techniques

Ddos April 15, 2025

A new remote access trojan (RAT) has emerged, and it’s armed with advanced techniques to evade detection....

DarkHotel APT Group’s Evolving Attack Techniques DarkHotel, APT group

DarkHotel APT Group’s Evolving Attack Techniques

Ddos April 15, 2025

A recent investigation by the Knownsec 404 Advanced Threat Intelligence Team has uncovered a new wave of...

Fake Font Domain Used in Credit Card Skimming Attack WordPress Backdoor

Fake Font Domain Used in Credit Card Skimming Attack

Ddos April 15, 2025

A recent investigation by Sucuri revealed a sophisticated credit card skimming attack on a WordPress website. The...

DAMASCENED PEACOCK: NCSC Uncovers Sophisticated Malware Targeting UK MOD Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

DAMASCENED PEACOCK: NCSC Uncovers Sophisticated Malware Targeting UK MOD

Ddos April 15, 2025

In a covert campaign targeting the UK Ministry of Defence, a sophisticated malware dubbed DAMASCENED PEACOCK has...

Slow Pisces Targets Crypto Developers with Deceptive Coding Challenges BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Slow Pisces Targets Crypto Developers with Deceptive Coding Challenges

Ddos April 14, 2025

In a recent cybersecurity report by Unit 42, a North Korean state-sponsored threat group known as Slow...

GOFFEE APT: New PowerModul Implant and Tactics Target Russian Organizations GOFFEE APT Russian cyberattacks

GOFFEE APT: New PowerModul Implant and Tactics Target Russian Organizations

Ddos April 14, 2025

The APT group GOFFEE has resurfaced with a revamped arsenal, launching targeted cyberattacks across Russia’s strategic sectors....

ViperSoftX Malware: Arabic-Speaking Attackers Exploit PowerShell in New Cyberattack Campaign ViperSoftX malware South Korea cyberattack

ViperSoftX Malware: Arabic-Speaking Attackers Exploit PowerShell in New Cyberattack Campaign

Ddos April 13, 2025

AhnLab Security intelligence Center (ASEC) has revealed a cyberattack campaign where Arabic-speaking attackers are distributing ViperSoftX malware,...

Sapphire Werewolf’s Amethyst Stealer Targets Energy Companies Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Sapphire Werewolf’s Amethyst Stealer Targets Energy Companies

Ddos April 11, 2025

A new report from BI.ZONE Threat Intelligence reveals that the threat actor Sapphire Werewolf is actively refining...