malware Archives • Page 4 of 28 • Daily CyberSecurity

Hackers Impersonate Stripe.net to Hijack the Global Payment Supply Chain Stripe.net Typosquatting NuGet Supply Chain Attack

Hackers Impersonate Stripe.net to Hijack the Global Payment Supply Chain

Ddos February 27, 2026

Late last year, the cybersecurity community was put on high alert when the ReversingLabs research team uncovered...

The Explorer Trap: How Hackers Turn Windows File Explorer into a Silent Portal for Remote Access Trojans Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

The Explorer Trap: How Hackers Turn Windows File Explorer into a Silent Portal for Remote Access Trojans

Ddos February 27, 2026

Security researchers at Cofense Intelligence have uncovered a stealthy and growing malware delivery campaign that bypasses traditional...

The Interview Trap: Malicious Next.js Repositories Weaponize Coding Tests to Hack Developers Developer Targeting Campaign Next.js Malware Lures

Developer Targeting Campaign Next.js Malware Lures

The Interview Trap: Malicious Next.js Repositories Weaponize Coding Tests to Hack Developers

Ddos February 27, 2026

The job hunt just got a lot more dangerous for software engineers. Microsoft Defender Experts identified a...

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare

Ddos February 19, 2026

Remcos, once a commercial remote management tool turned notorious Remote Access Trojan (RAT), has received an upgrade....

Hackers Weaponize DocuSign and SimpleHelp in Stealthy New Campaign DocuSign Phishing SimpleHelp Malware

Hackers Weaponize DocuSign and SimpleHelp in Stealthy New Campaign

Ddos February 19, 2026

In a sophisticated blend of social engineering and technical evasion, cybercriminals are increasingly hiding behind trusted corporate...

New CRESCENTHARVEST Malware Targets Iranian Dissidents Zyxel security - Mitel MiCollab Vulnerability

New CRESCENTHARVEST Malware Targets Iranian Dissidents

Ddos February 18, 2026

A new cyber espionage campaign is exploiting the political unrest in Iran to target dissidents and supporters...

Fake Jobs, Real Theft: “Contagious Interview” Malware Drains Crypto Wallets Contagious Interview Campaign MetaMask Malware

Fake Jobs, Real Theft: “Contagious Interview” Malware Drains Crypto Wallets

Ddos February 18, 2026

A notorious North Korean cyber espionage campaign targeting the tech sector has evolved with a dangerous new...

Game Over: “RenEngine” Malware Hides in Pirated Visual Novels RenEngine Malware Pirated Games Security

Game Over: “RenEngine” Malware Hides in Pirated Visual Novels

Ddos February 17, 2026

A new malware campaign is turning the quest for free games into a nightmare for players. A...

Don’t Click That Shortcut: Phorpiex Botnet Hides in “Your Document” Emails Phorpiex Botnet LNK Phishing

Don’t Click That Shortcut: Phorpiex Botnet Hides in “Your Document” Emails

Ddos February 16, 2026

A high-volume phishing campaign has been spotted in the wild, reviving an old but effective tactic to...

The Silent Hijack: BADIIS Malware Turns 1,800+ Servers into Illicit Websites BADIIS Malware IIS SEO Poisoning

The Silent Hijack: BADIIS Malware Turns 1,800+ Servers into Illicit Websites

Ddos February 16, 2026

A massive SEO poisoning campaign is silently turning legitimate web servers into billboards for the digital underground....

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot

Ddos February 11, 2026

Security researchers have recently unveiled a sophisticated stratagem wherein adversaries gained control of the domain 7zip[.]com to...

Silent Army: SystemBC Botnet Infects 10,000+ IPs & Government Networks Global distribution of IP addresses map

Silent Army: SystemBC Botnet Infects 10,000+ IPs & Government Networks

Ddos February 9, 2026

A massive, silent army of compromised devices has been uncovered by researchers, revealing a sprawling botnet that...

“Can You Hear Me?” BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

“Can You Hear Me?” BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS

Ddos February 5, 2026

A routine business call turned into a nightmare for one macOS user after North Korean state-sponsored hackers...

Ghost Folders: “Directory Shadowing” Hack Hijacks WordPress SEO WordPress Directory Shadowing SEO Spam Malware

Ghost Folders: “Directory Shadowing” Hack Hijacks WordPress SEO

Ddos February 5, 2026

A new and stealthy malware campaign is targeting WordPress sites, turning trusted pages into billboards for online...

Open VSX Hijacked: “GlassWorm” Malware Poisons VS Code Extensions

Ddos February 5, 2026

A sophisticated supply chain attack has struck the open-source ecosystem, leveraging compromised developer credentials to inject malware...

Trojan AI: OpenClaw “Skills” Marketplace Flooded with Malware OpenClaw Supply Chain Attack Malicious AI Skills

Trojan AI: OpenClaw “Skills” Marketplace Flooded with Malware

Ddos February 3, 2026

The booming ecosystem of personal AI agents has hit its first major security speed bump. VirusTotal has...

The “IClickFix” Trap: 3,800+ WordPress Sites Poisoned by Fake CAPTCHAs IClickFix Framework WordPress Watering Hole

The “IClickFix” Trap: 3,800+ WordPress Sites Poisoned by Fake CAPTCHAs

Ddos February 3, 2026

A massive wave of “watering hole” attacks has turned thousands of legitimate WordPress websites into traps for...

Notepad++ Hijacked: State-Sponsored Actors Poisoned Updates for Months FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Notepad++ Hijacked: State-Sponsored Actors Poisoned Updates for Months

Ddos February 2, 2026

The developer behind Notepad++, the ubiquitous open-source text editor found on millions of developer desktops, has confirmed...

“Update” to Nightmare: eScan Antivirus Hacked to Distribute Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

“Update” to Nightmare: eScan Antivirus Hacked to Distribute Malware

Ddos January 30, 2026

Security researchers at Morphisec have uncovered a massive compromise affecting eScan, an enterprise antivirus solution developed by...

“Repo Squatting”: How Hackers Are Using GitHub’s Own Features to Hijack Official Repos GitHub Copilot Pro trial suspension GitHub Actions Platform Fee, Self-Hosted Runner Tax 2026 GitHub Apple ID, Privacy Login GitHub Microsoft Github disruptions CVE-2025-30066 GitHub Outage, Service Disruption

GitHub Copilot Pro trial suspension GitHub Actions Platform Fee, Self-Hosted Runner Tax 2026 GitHub Apple ID, Privacy Login GitHub Microsoft Github disruptions CVE-2025-30066 GitHub Outage, Service Disruption

“Repo Squatting”: How Hackers Are Using GitHub’s Own Features to Hijack Official Repos

Ddos January 27, 2026

In a clever twist on software supply chain attacks, threat actors are weaponizing a quirk in GitHub’s...