malware Archives • Page 8 of 28 • Daily CyberSecurity

APT28’s BeardShell Campaign: Steganography, Cloud Abuse, and Persistent Espionage Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

APT28’s BeardShell Campaign: Steganography, Cloud Abuse, and Persistent Espionage

Ddos September 17, 2025

The Russian-linked threat actor APT28, also known as Sofacy, Fancy Bear, Forest Blizzard, and TAG-110, has unveiled...

SmokeLoader Rises From the Ashes with New, Evasive Variants SmokeLoader, Malware

SmokeLoader Rises From the Ashes with New, Evasive Variants

Ddos September 17, 2025

First emerging in 2011, SmokeLoader (also known as Smoke or Dofoil) has remained one of the most...

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem

Ddos September 17, 2025

A recent forensic investigation by Check Point Research (CPR) has shed light on the Pure malware family,...

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains

Ddos September 16, 2025

The Socket Research Team has uncovered a large-scale supply chain attack on the npm ecosystem, with more...

Unmasking the DarkCloud: A New Stealer Is Hiding Malware in JPG Files Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

Unmasking the DarkCloud: A New Stealer Is Hiding Malware in JPG Files

Ddos September 16, 2025

CyberProof’s MDR analysts and Threat Hunters observed a sharp increase in DarkCloud Stealer infections, with campaigns primarily...

Maranhão Stealer: A New Malware Hijacks Gamers’ PCs Through Pirated Games Cobalt Strike Evade Detection

Maranhão Stealer: A New Malware Hijacks Gamers’ PCs Through Pirated Games

Ddos September 16, 2025

The Cyble Research and Intelligence Labs (CRIL) has uncovered an active campaign distributing a new information-stealing malware...

A Digital Trojan Horse: A New Campaign Is Using SEO to Deliver Malware SEO poisoning, Hiddengh0st

A Digital Trojan Horse: A New Campaign Is Using SEO to Deliver Malware

Ddos September 16, 2025

Researchers at FortiGuard Labs have uncovered a sophisticated SEO poisoning campaign aimed at Chinese-speaking users. By manipulating...

Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years BaoLoader, code-signing abuse

Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years

Ddos September 15, 2025

Expel researchers have lifted the veil on a long-running malware operation abusing the global trust model of...

China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm China-aligned actor, Hive0154

China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm

Ddos September 15, 2025

IBM X-Force has published new findings on Hive0154, a China-aligned threat actor also tracked under names such...

EvilAI Malware Campaign Exploits Trust in AI Tools to Infiltrate Global Industries EvilAI, malware campaign

EvilAI Malware Campaign Exploits Trust in AI Tools to Infiltrate Global Industries

Ddos September 15, 2025

Trend Micro researchers have uncovered a sophisticated malware campaign dubbed EvilAI, which disguises itself as productivity and...

Meet ZynorRAT: The New Cross-Platform Malware Controlled via Telegram ZynorRAT, Telegram malware

Meet ZynorRAT: The New Cross-Platform Malware Controlled via Telegram

Ddos September 13, 2025

The Sysdig Threat Research Team (TRT) has discovered a new cross-platform Remote Access Trojan (RAT) dubbed ZynorRAT,...

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military

Ddos September 12, 2025

Bitdefender Threat researchers have detailed a new and highly sophisticated fileless malware framework named EggStreme, used by...

ToneShell Backdoor Evolves With Anti-Analysis Tricks, Continues Targeting Myanmar ToneShell, Mustang Panda

ToneShell Backdoor Evolves With Anti-Analysis Tricks, Continues Targeting Myanmar

Ddos September 12, 2025

Intezer researchers have released a technical analysis of a new variant of ToneShell, a lightweight backdoor tied...

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

Ddos September 12, 2025

Zscaler ThreatLabz has identified a sophisticated malware campaign active since early May 2025, targeting Chinese-speaking users with...

Beyond Cobalt Strike: A New Open-Source Hacking Tool Is on the Rise Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Beyond Cobalt Strike: A New Open-Source Hacking Tool Is on the Rise

Ddos September 11, 2025

Researchers at Palo Alto Networks’ Unit 42 have published a report detailing the rise of AdaptixC2, an...

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

ChillyHell: A New macOS Backdoor Bypassed Apple Notarization for Years

Ddos September 11, 2025

Jamf Threat Labs has uncovered a new variant of the ChillyHell malware family—an advanced, modular backdoor for...

Fake AI Ad Tool “Madgicx Plus” Hijacks Meta Advertiser Accounts LokiBot Steganography, .NET Loader PlugX malware YiBackdoor, ransomware

Fake AI Ad Tool “Madgicx Plus” Hijacks Meta Advertiser Accounts

Ddos September 11, 2025

Cybereason Security Services has uncovered a malicious Chrome extension campaign targeting Meta (Facebook and Instagram) advertisers. Branded...

Luno: A “Self-Healing” Linux Botnet That Mines Crypto and Launches DDoS Attacks Luno botnet, Linux botnet

Luno: A “Self-Healing” Linux Botnet That Mines Crypto and Launches DDoS Attacks

Ddos September 11, 2025

Cyble Research and Intelligence Labs (CRIL) has discovered an active in-the-wild Linux botnet campaign dubbed “Luno,” which...

GONEPOSTAL: New Outlook Backdoor by Russia’s APT28 Uses Email for C2 APT28, GONEPOSTAL

GONEPOSTAL: New Outlook Backdoor by Russia’s APT28 Uses Email for C2

Ddos September 10, 2025

Kroll has identified a new espionage campaign attributed to Russia’s APT28 (Fancy Bear), involving a custom Outlook...

APT37 Expands Arsenal with Rustonotto Backdoor, PowerShell Chinotto, and FadeStealer North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

APT37 Expands Arsenal with Rustonotto Backdoor, PowerShell Chinotto, and FadeStealer

Ddos September 10, 2025

Zscaler ThreatLabz has uncovered new details about North Korean-aligned threat actor APT37 (also known as ScarCruft, Ruby...