malware Archives • Page 5 of 28 • Daily CyberSecurity

The CAPTCHA Trap: ClearFake Malware Tricks Users Into Hacking Themselves axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

The CAPTCHA Trap: ClearFake Malware Tricks Users Into Hacking Themselves

Ddos January 27, 2026

A sophisticated malware campaign is turning a standard security verification step into a trap. Security researchers at...

Trusted Tool, Hidden Threat: Official EmEditor Installer Hijacked to Push Malware EmEditor Supply Chain Attack Trojanized Installer

Trusted Tool, Hidden Threat: Official EmEditor Installer Hijacked to Push Malware

Ddos January 27, 2026

A compromised installer for EmEditor, a text editor trusted by developers worldwide, has been used to distribute...

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code

Ddos January 26, 2026

Cyber spies aligned with North Korea are now weaponizing a tool beloved by developers worldwide—Visual Studio Code—to...

CISA Adds 4 Critical Flaws to “Must-Patch” List as Exploits Surge CISA KEV Update Versa Concerto Vulnerability KEV Catalog Vulnerability Patch CVE-2025-30406

CISA KEV Update Versa Concerto Vulnerability KEV Catalog Vulnerability Patch CVE-2025-30406

CISA Adds 4 Critical Flaws to “Must-Patch” List as Exploits Surge

Ddos January 23, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four...

Public PoC Exploit Released for Critical Android Flaw Grants Apps Permissions Without You Knowing Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Public PoC Exploit Released for Critical Android Flaw Grants Apps Permissions Without You Knowing

Ddos January 23, 2026

A critical privilege escalation vulnerability in the Android ecosystem is raising alarms after security researcher Canyie publicly...

“SymPy” Imposter: Typosquatting Attack Turns Math Library into Crypto Miner sympy-dev Malware PyPI Supply Chain Attack

“SymPy” Imposter: Typosquatting Attack Turns Math Library into Crypto Miner

Ddos January 23, 2026

A deceptive new supply chain attack has been uncovered in the Python ecosystem, where a malicious package...

Trust Hijacked: Hackers Seize Expired Domains to Poison Linux Snap Apps Snap Store Malware Domain Hijacking

Trust Hijacked: Hackers Seize Expired Domains to Poison Linux Snap Apps

Ddos January 22, 2026

A disturbing new tactic has emerged in the Linux software ecosystem, turning trusted developer accounts into vehicles...

Bandwidth Bandits: Fake Notepad++ Installers Hide “Proxyjacking” Malware Proxyjacking Larva-25012

Bandwidth Bandits: Fake Notepad++ Installers Hide “Proxyjacking” Malware

Ddos January 22, 2026

A new wave of cyberattacks is targeting users looking for free software, turning their computers into unwilling...

“Contagious” Code: North Korean Hackers Infiltrate Developer Workflows via Visual Studio Code BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

“Contagious” Code: North Korean Hackers Infiltrate Developer Workflows via Visual Studio Code

Ddos January 21, 2026

The “Contagious Interview” campaign, a sophisticated cyber-espionage operation attributed to North Korean (DPRK) threat actors, has evolved...

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions KTLVdoor backdoor - CoffeeLoader Malware

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions

Ddos January 21, 2026

The tools that software developers trust most are being turned against them in a sophisticated new malware...

Fake Productivity Tools: 5 Malicious Chrome Extensions Hijack Enterprise Sessions Amazon Ads Blocker Affiliate Link Hijacking Malicious browser extensions

Amazon Ads Blocker Affiliate Link Hijacking Malicious browser extensions

Fake Productivity Tools: 5 Malicious Chrome Extensions Hijack Enterprise Sessions

Ddos January 19, 2026

A new and sophisticated campaign targeting enterprise environments has been uncovered by Socket’s Threat Research Team. Five...

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets GlassWorm Wave 4, macOS Supply Chain Attack

GlassWorm Wave 4, macOS Supply Chain Attack

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets

Ddos January 6, 2026

The resilient “GlassWorm” threat actor, known for embedding malicious code into Visual Studio Code extensions, has returned...

The Sleeper in Your Browser: How DarkSpectre Turned 8.8 Million Extensions into State-Aligned Spies DarkSpectre, Browser Extension Espionage

The Sleeper in Your Browser: How DarkSpectre Turned 8.8 Million Extensions into State-Aligned Spies

Ddos January 5, 2026

In a revelation that exposes a gaping hole in the browser extension ecosystem, Koi Security has unmasked...

New “Eternl Desktop” Phishing Lure Drops LogMeIn to Hijack Cardano Wallets

Ddos January 2, 2026

The Cardano community is currently in the crosshairs of a highly sophisticated “wolf in sheep’s clothing” campaign....

EmEditor Compromised: “WALSHAM” Imposter Poisons Official Installer with Spyware Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EmEditor Compromised: “WALSHAM” Imposter Poisons Official Installer with Spyware

Ddos December 29, 2025

In a major supply chain security incident, the popular text editor EmEditor has confirmed that its official...

“Prefix Swap” Panic: Sophisticated “Jackson” Imposter Infiltrates Maven Central Maven Prefix Swap, jackson-databind Malware Effective Malware Cleaner

Maven Prefix Swap, jackson-databind Malware Effective Malware Cleaner

“Prefix Swap” Panic: Sophisticated “Jackson” Imposter Infiltrates Maven Central

Ddos December 29, 2025

The Java ecosystem, long considered a fortress compared to the wild west of npm, has been breached...

The “D” is for Danger: How a Tiny Typo in MAS Activation Hijacks Your PC WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC