rat Archives • Page 2 of 5 • Daily CyberSecurity

Transparent Tribe Weaponizes “JLPT” Tests in New Cyber-Espionage Campaign Against India Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Transparent Tribe Weaponizes “JLPT” Tests in New Cyber-Espionage Campaign Against India

Do Son January 5, 2026

A seemingly harmless notification about a Japanese language proficiency exam has become the latest vector for state-aligned...

“Tax Compliance” Trap: Hackers Mimic Indian Income Tax Department to Deploy China-Linked Malware Income Tax Phishing, China-Linked APT

“Tax Compliance” Trap: Hackers Mimic Indian Income Tax Department to Deploy China-Linked Malware

Do Son December 23, 2025

As tax filing season discussions linger, a new and sophisticated phishing campaign is targeting Indian businesses by...

North Korea’s Kimsuky Upgrades DOCSWAP Malware to Hijack Smartphones via QR Codes Chinese espionage groups APT35 Phishing, Stormshield CTI

North Korea’s Kimsuky Upgrades DOCSWAP Malware to Hijack Smartphones via QR Codes

Do Son December 22, 2025

The notorious North Korean threat group Kimsuky has launched a renewed mobile offensive, deploying an evolved version...

PyStoreRAT Uncovered: Fileless RAT Hides in Fake GitHub Repos to Launch Invisible Attacks on Developers PyStoreRAT Fileless, GitHub Supply Chain

PyStoreRAT Fileless, GitHub Supply Chain

PyStoreRAT Uncovered: Fileless RAT Hides in Fake GitHub Repos to Launch Invisible Attacks on Developers

Do Son December 16, 2025

A sophisticated new threat is stalking the open-source community, turning the trust developers place in GitHub repositories...

Sophisticated CastleRAT Backdoor Uses Steam Community Pages as Covert C2 Resolver for Espionage CastleRAT, Steam C2 Resolver

Sophisticated CastleRAT Backdoor Uses Steam Community Pages as Covert C2 Resolver for Espionage

Do Son December 9, 2025

A sophisticated new Remote Access Trojan (RAT) has emerged, blending stealthy execution with powerful data theft capabilities...

Lazarus Group’s New ScoringMathTea RAT Uses Reflective Plugin Loader and Custom Polyalphabetic Crypto for Espionage axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Lazarus Group’s New ScoringMathTea RAT Uses Reflective Plugin Loader and Custom Polyalphabetic Crypto for Espionage

Do Son November 20, 2025

A new technical deep-dive by malware researcher 0x0d4y reveals the inner workings of ScoringMathTea, a sophisticated remote...

Next-Gen Stealth: Malware Hides C2 Traffic as Fake LLM API Requests on Tencent Cloud Fake LLM API C2, LLM Evasion

Next-Gen Stealth: Malware Hides C2 Traffic as Fake LLM API Requests on Tencent Cloud

Do Son November 20, 2025

The Akamai Hunt team has uncovered a new malware strain that hides its command-and-control (C2) traffic behind...

Legacy Malware Resurfaces: DarkComet RAT Uses Bitcoin Wallet Lure to Deploy UPX-Packed Payload DarkComet Bitcoin Lure, Legacy RAT

Legacy Malware Resurfaces: DarkComet RAT Uses Bitcoin Wallet Lure to Deploy UPX-Packed Payload

Do Son November 13, 2025

The Lat61 Threat Intelligence Team has uncovered a new campaign using Bitcoin-themed lures to distribute DarkComet RAT,...

North Korea’s WaterPlum APT Deploys Node.js OtterCandy RAT for Crypto Theft with Anti-Forensic Module North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korea’s WaterPlum APT Deploys Node.js OtterCandy RAT for Crypto Theft with Anti-Forensic Module

Do Son October 20, 2025

A new report from NTT Security Japan has spotlighted an evolved malware family known as OtterCandy, attributed...

SVG Smuggling: Fake Colombian Judicial Lure Deploys AsyncRAT via Malicious HTA File SVG Smuggling, AsyncRAT

SVG Smuggling: Fake Colombian Judicial Lure Deploys AsyncRAT via Malicious HTA File

Do Son October 14, 2025

Seqrite Threat Research Labs has uncovered a targeted phishing campaign in Spanish designed to trick Colombian users...

Ransomware Gangs Weaponize AnyDesk, Splashtop, and Other Legitimate RATs to Bypass Security Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Ransomware Gangs Weaponize AnyDesk, Splashtop, and Other Legitimate RATs to Bypass Security

Do Son October 4, 2025

Ransomware groups are increasingly turning to legitimate Remote Access Tools (RATs) such as AnyDesk, UltraViewer, RustDesk, Splashtop,...

XWorm V6.0 Resurfaces: Modular RAT Returns with Ransomware Plugin and Advanced Evasion AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

XWorm V6.0 Resurfaces: Modular RAT Returns with Ransomware Plugin and Advanced Evasion

Do Son October 4, 2025

The latest analysis from Trellix ARC reveals the unexpected return of XWorm, a notorious Remote Access Trojan...

From Infostealer to Full RAT: Huntress Uncovers a Multi-Stage Malware Attack Deploying PureRAT AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

From Infostealer to Full RAT: Huntress Uncovers a Multi-Stage Malware Attack Deploying PureRAT

Do Son September 29, 2025

Huntress has published a detailed investigation into a recent intrusion campaign that began as a Python-based infostealer...

New LNK Malware Uses Windows LOLBins to Evade Detection Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

New LNK Malware Uses Windows LOLBins to Evade Detection

Do Son September 25, 2025

Researchers at K7 Security Labs have uncovered a new wave of Windows shortcut (.LNK) malware that exploits...

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials

Do Son September 22, 2025

Zscaler ThreatLabz has uncovered yet another supply chain attack against the Python Package Index (PyPI). In August...

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem

Do Son September 17, 2025

A recent forensic investigation by Check Point Research (CPR) has shed light on the Pure malware family,...

Meet ZynorRAT: The New Cross-Platform Malware Controlled via Telegram ZynorRAT, Telegram malware

Meet ZynorRAT: The New Cross-Platform Malware Controlled via Telegram

Do Son September 13, 2025

The Sysdig Threat Research Team (TRT) has discovered a new cross-platform Remote Access Trojan (RAT) dubbed ZynorRAT,...

kkRAT: A New Malware Blends Crypto Hijacking with Legitimate RMM Tools

Do Son September 12, 2025

Zscaler ThreatLabz has identified a sophisticated malware campaign active since early May 2025, targeting Chinese-speaking users with...

MostereRAT: The New RAT That Is Bypassing Antivirus and EDR Solutions MostereRAT, defense evasion

MostereRAT: The New RAT That Is Bypassing Antivirus and EDR Solutions

Do Son September 9, 2025

FortiGuard Labs has uncovered a sophisticated phishing campaign that deploys a new Remote Access Trojan (RAT) dubbed...

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC AI Waifu RAT, social engineering

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC

Do Son September 2, 2025

Security researcher Ryingo has released a detailed analysis of a new malware strain dubbed the “AI Waifu...