ransomware Archives • Page 4 of 11 • Daily CyberSecurity

Ransomware Gangs Weaponize AnyDesk, Splashtop, and Other Legitimate RATs to Bypass Security Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Ransomware Gangs Weaponize AnyDesk, Splashtop, and Other Legitimate RATs to Bypass Security

Do Son October 4, 2025

Ransomware groups are increasingly turning to legitimate Remote Access Tools (RATs) such as AnyDesk, UltraViewer, RustDesk, Splashtop,...

XWorm V6.0 Resurfaces: Modular RAT Returns with Ransomware Plugin and Advanced Evasion AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

XWorm V6.0 Resurfaces: Modular RAT Returns with Ransomware Plugin and Advanced Evasion

Do Son October 4, 2025

The latest analysis from Trellix ARC reveals the unexpected return of XWorm, a notorious Remote Access Trojan...

Russian-Speaking Lunar Spider Group Launches New Ransomware Wave with Latrodectus V2 Loader Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Russian-Speaking Lunar Spider Group Launches New Ransomware Wave with Latrodectus V2 Loader

Do Son October 2, 2025

The NVISO Cyber Security Incident Response Team (CSIRT) has released new findings exposing the latest campaign by...

LockBit 5.0 Ransomware: Cross-Platform Evolution Targets Windows, Linux, and ESXi LockBit 5.0, Cross-Platform Ransomware

LockBit 5.0 Ransomware: Cross-Platform Evolution Targets Windows, Linux, and ESXi

Do Son September 27, 2025

Trend Research has released an in-depth analysis of LockBit 5.0, the latest evolution of one of the...

New Malware “YiBackdoor” Linked to IcedID and Latrodectus LokiBot Steganography, .NET Loader PlugX malware YiBackdoor, ransomware

New Malware “YiBackdoor” Linked to IcedID and Latrodectus

Do Son September 24, 2025

Researchers at Zscaler ThreatLabz have uncovered a new malware family, dubbed YiBackdoor, first observed in June 2025....

Zloader Resurfaces: Stealthier Trojan Evolves with DNS Tunneling and WebSocket C2 Zloader, ransomware

Zloader Resurfaces: Stealthier Trojan Evolves with DNS Tunneling and WebSocket C2

Do Son September 24, 2025

After nearly two years of silence, Zloader (a.k.a. Terdot, DELoader, or Silent Night) has returned with new...

Kawa4096: A New Ransomware Group with Akira-Style Branding and Qilin-Like Notes CVE-2024-22394

Kawa4096: A New Ransomware Group with Akira-Style Branding and Qilin-Like Notes

Do Son September 23, 2025

In June 2025, a new ransomware group known as Kawa4096 surfaced, launching disruptive attacks against multinational organizations...

SystemBC Botnet Evolves Into High-Volume VPS Proxy Network, Powering Criminal Ecosystem Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

SystemBC Botnet Evolves Into High-Volume VPS Proxy Network, Powering Criminal Ecosystem

Do Son September 23, 2025

The Black Lotus Labs team at Lumen Technologies has uncovered major new infrastructure behind the SystemBC botnet,...

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups

Do Son September 22, 2025

Researchers at Silent Push have identified a newly emerging malware loader dubbed CountLoader, which they assess to...

BlackLock Ransomware: A New Cross-Platform Threat Spreading Rapidly

Do Son September 22, 2025

The AhnLab Security Intelligence Center (ASEC) has released a detailed analysis of BlackLock, a relatively new ransomware...

GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws

Do Son September 22, 2025

Researchers from the Sophos Counter Threat Unit (CTU) have published new intelligence on a rising ransomware group...

ShinyHunters Expands With AI-Powered Vishing, Supply Chain Intrusions, and Insider Recruitment Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

ShinyHunters Expands With AI-Powered Vishing, Supply Chain Intrusions, and Insider Recruitment

Do Son September 19, 2025

ShinyHunters, one of the most notorious financially motivated eCrime groups, is broadening its arsenal with AI-driven social...

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible The created ransom note

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible

Do Son September 11, 2025

AhnLab researchers have released an in-depth technical analysis of the CyberVolk ransomware, a strain that has been...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

ACSC Warns of Active Exploitation of SonicWall SSL VPN Vulnerability (CVE-2024-40766)

Do Son September 11, 2025

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an alert on the active...

The Gentlemen: A New Ransomware Group Using Legitimate Tools to Bypass Security Chinese espionage groups APT35 Phishing, Stormshield CTI

The Gentlemen: A New Ransomware Group Using Legitimate Tools to Bypass Security

Do Son September 11, 2025

Trend Micro researchers have revealed a new ransomware campaign orchestrated by The Gentlemen, an emerging threat group...

From CastleLoader to CastleRAT: TAG-150’s Multi-Tiered Cyber Arsenal Expands AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

From CastleLoader to CastleRAT: TAG-150’s Multi-Tiered Cyber Arsenal Expands

Do Son September 9, 2025

Security researchers at Insikt Group have uncovered a major advancement in the operations of a newly designated...

A New Threat to Artists: Hackers Threaten to Feed Stolen Art to AI AI extortion, artists' rights

A New Threat to Artists: Hackers Threaten to Feed Stolen Art to AI

Do Son September 8, 2025

For content creators, the unauthorized scraping of their work by AI companies for training artificial intelligence models...

Obscura: A Stealthy New Go-Based Ransomware Is Abusing Domain Controllers Obscura ransomware, domain controller

Obscura: A Stealthy New Go-Based Ransomware Is Abusing Domain Controllers

Do Son September 4, 2025

Security analysts at Huntress reported the discovery of a previously unseen ransomware variant, named Obscura. The malware...

DireWolf: The New Ransomware Group Targeting Global Businesses DireWolf execution flow

DireWolf: The New Ransomware Group Targeting Global Businesses

Do Son September 4, 2025

The DireWolf ransomware group, first emerging in May 2025, has rapidly evolved into a formidable cyber threat...

Anatomy of an Attack: New Report Exposes Ukrainian Networks Fueling Global Brute-Force Campaigns

Do Son September 2, 2025

A new report from Intrinsec has revealed a sprawling web of Ukrainian and offshore networks fueling large-scale...

Critical Alert 2 Active Exploits Detected Today