malware Archives • Page 9 of 28 • Daily CyberSecurity

Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials Ethereum, npm supply chain

Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials

Ddos September 9, 2025

Socket’s Threat Research Team has uncovered a coordinated supply chain attack targeting the Ethereum ecosystem through four...

From CastleLoader to CastleRAT: TAG-150’s Multi-Tiered Cyber Arsenal Expands AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

From CastleLoader to CastleRAT: TAG-150’s Multi-Tiered Cyber Arsenal Expands

Ddos September 9, 2025

Security researchers at Insikt Group have uncovered a major advancement in the operations of a newly designated...

NightshadeC2: A New Botnet Is Using “UAC Prompt Bombing” to Bypass Windows Defender NightshadeC2, UAC Prompt Bombing

NightshadeC2: A New Botnet Is Using “UAC Prompt Bombing” to Bypass Windows Defender

Ddos September 8, 2025

Recently, the eSentire Threat Response Unit (TRU) identified a new botnet family dubbed NightshadeC2, deployed through a...

Google to Restrict Android Sideloading in New Security Push Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Google to Restrict Android Sideloading in New Security Push

Ddos September 8, 2025

Google recently announced that beginning in 2026, application developers will gradually be required to undergo identity verification,...

Acronis TRU Uncovers Surge in ScreenConnect Abuse with Dual-RAT Deployment Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Acronis TRU Uncovers Surge in ScreenConnect Abuse with Dual-RAT Deployment

Ddos September 5, 2025

The Acronis Threat Research Unit (TRU) has released new findings on an evolving cyber campaign that abuses...

Beyond Simple Scripts: A New XWorm Campaign Uses Multi-Stage Stealth Caminho LSB Steganography, Loader-as-a-Service 2023 Threat Report

Beyond Simple Scripts: A New XWorm Campaign Uses Multi-Stage Stealth

Ddos September 5, 2025

Researchers at the Trellix Advanced Research Center have identified a sophisticated new campaign leveraging the XWorm backdoor,...

NotDoor: A New Backdoor by Russia’s APT28 Is Hiding in Microsoft Outlook Macros APT28, NotDoor

NotDoor: A New Backdoor by Russia’s APT28 Is Hiding in Microsoft Outlook Macros

Ddos September 5, 2025

The intelligence team at LAB52 (S2 Grupo) has uncovered a sophisticated new backdoor campaign attributed to APT28,...

Stealerium: How an Open-Source Infostealer Is Being Used in Phishing Campaigns Stealerium, infostealer

Stealerium: How an Open-Source Infostealer Is Being Used in Phishing Campaigns

Ddos September 4, 2025

Proofpoint threat researchers have uncovered a surge in campaigns distributing Stealerium-based malware, an open-source infostealer first released...

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2 GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2

Ddos September 4, 2025

Researchers from ReversingLabs have discovered two malicious npm packages leveraging Ethereum smart contracts to conceal and deliver...

DireWolf: The New Ransomware Group Targeting Global Businesses DireWolf execution flow

DireWolf: The New Ransomware Group Targeting Global Businesses

Ddos September 4, 2025

The DireWolf ransomware group, first emerging in May 2025, has rapidly evolved into a formidable cyber threat...

Why Antivirus Software Flags Your Linux ISO as Malware Linux Kernel legacy driver removal Linux kernel x86 page fault, interrupt state asymmetry fix Linux ISO, false positive CVE-2023-6200 - Linux Kernel 6.12 LTS 6.14

Linux Kernel legacy driver removal Linux kernel x86 page fault, interrupt state asymmetry fix Linux ISO, false positive CVE-2023-6200 - Linux Kernel 6.12 LTS 6.14

Why Antivirus Software Flags Your Linux ISO as Malware

Ddos September 2, 2025

The website DistroWatch, known for its coverage of Linux-related developments, has recently highlighted an issue encountered by...

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer ChaCha20 Cipher

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer

Ddos September 2, 2025

For over a year, Huntress researchers have been tracking the rise of ClickFix attacks, a form of...

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC AI Waifu RAT, social engineering

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC

Ddos September 2, 2025

Security researcher Ryingo has released a detailed analysis of a new malware strain dubbed the “AI Waifu...

Beyond Phishing: Iranian-Aligned Group Abuses Omani Mailbox to Spy on Diplomats Iranian-aligned, spear-phishing

Beyond Phishing: Iranian-Aligned Group Abuses Omani Mailbox to Spy on Diplomats

Ddos September 2, 2025

Recently, researchers at Dream’s Threat Intelligence Team uncovered a sophisticated spear-phishing campaign that leveraged a compromised mailbox...

TAOTH Campaign: Hijacked Software Updates Are Spreading Malware Across Asia Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

TAOTH Campaign: Hijacked Software Updates Are Spreading Malware Across Asia

Ddos September 1, 2025

Trend Micro researchers have detailed a sophisticated cyber-espionage operation, dubbed TAOTH, which leverages hijacked software updates and...

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions

Ddos September 1, 2025

ReversingLabs researchers have uncovered a dangerous loophole in the Visual Studio Code (VS Code) Marketplace that allows...

Trojan Horse: A Fake PDF Editor Is Actually a Malware-Laden Backdoor PDF Editor, malware

Trojan Horse: A Fake PDF Editor Is Actually a Malware-Laden Backdoor

Ddos August 31, 2025

Security researchers at G DATA Security Lab have exposed the AppSuite PDF Editor as a malware-laden backdoor,...

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months MystRodX, stealthy backdoor

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months

Ddos August 30, 2025

XLab has identified a previously unknown and stealthy backdoor dubbed MystRodX, capable of operating undetected in compromised...

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC ScreenConnect, XWorm RAT

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC

Ddos August 29, 2025

The SpiderLabs Threat Hunt Team at Trustwave has discovered a malicious campaign abusing AI-themed branding to trick...

Beyond Email: Why Your Microsoft Teams Chat Is Now a Phishing Danger Zone Teams phishing, Teams security

Beyond Email: Why Your Microsoft Teams Chat Is Now a Phishing Danger Zone

Ddos August 29, 2025

Security researchers at Hunters have published a new analysis revealing how attackers are increasingly abusing Microsoft Teams...