Remote Access Trojan Archives • Page 2 of 5 • Daily CyberSecurity

Malicious PHP Packages Found Hidden in Laravel Ecosystem fast16 Malware Cyber Sabotage IronWind malware Stealc

Malicious PHP Packages Found Hidden in Laravel Ecosystem

Do Son March 6, 2026

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting PHP developers through Packagist, the...

Stealth and Deception: Transparent Tribe’s Multi-Stage Assault on Indian Government Entities NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Stealth and Deception: Transparent Tribe’s Multi-Stage Assault on Indian Government Entities

Do Son March 5, 2026

Cybersecurity researchers at CYFIRMA have unmasked a sophisticated new campaign by the Pakistan-aligned threat actor Transparent Tribe...

The Explorer Trap: How Hackers Turn Windows File Explorer into a Silent Portal for Remote Access Trojans Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

The Explorer Trap: How Hackers Turn Windows File Explorer into a Silent Portal for Remote Access Trojans

Do Son February 27, 2026

Security researchers at Cofense Intelligence have uncovered a stealthy and growing malware delivery campaign that bypasses traditional...

The AI Evolution of Mobile Malware: SURXRAT V5 Combines Surveillance, Ransomware, and LLMs SURXRAT V5 AI-Assisted Android Malware

The AI Evolution of Mobile Malware: SURXRAT V5 Combines Surveillance, Ransomware, and LLMs

Do Son February 25, 2026

The Android malware landscape is undergoing a significant transformation, shifting away from simple data theft toward professionalized,...

The ‘Human Verification’ Trap: ClickFix Campaign Hijacks Trusted Sites to Deploy MIMICRAT MIMICRAT Malware ClickFix Campaign

The ‘Human Verification’ Trap: ClickFix Campaign Hijacks Trusted Sites to Deploy MIMICRAT

Do Son February 24, 2026

Security researchers are sounding the alarm over a highly sophisticated malware campaign that weaponizes human helpfulness to...

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare

Do Son February 19, 2026

Remcos, once a commercial remote management tool turned notorious Remote Access Trojan (RAT), has received an upgrade....

Hackers Weaponize DocuSign and SimpleHelp in Stealthy New Campaign DocuSign Phishing SimpleHelp Malware

Hackers Weaponize DocuSign and SimpleHelp in Stealthy New Campaign

Do Son February 19, 2026

In a sophisticated blend of social engineering and technical evasion, cybercriminals are increasingly hiding behind trusted corporate...

New CRESCENTHARVEST Malware Targets Iranian Dissidents Zyxel security - Mitel MiCollab Vulnerability

New CRESCENTHARVEST Malware Targets Iranian Dissidents

Do Son February 18, 2026

A new cyber espionage campaign is exploiting the political unrest in Iran to target dissidents and supporters...

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI dYdX Supply Chain Attack Malicious npm Package

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

Do Son February 10, 2026

A sophisticated supply chain attack has struck the dYdX decentralized exchange protocol, injecting malicious code into official...

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT CrashFix Malware ClickFix Campaign

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT

Do Son February 6, 2026

A dangerous evolution of the “ClickFix” social engineering campaign has been spotted in the wild, using a...

Transparent Tribe Weaponizes “JLPT” Tests in New Cyber-Espionage Campaign Against India Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Transparent Tribe Weaponizes “JLPT” Tests in New Cyber-Espionage Campaign Against India

Do Son January 5, 2026

A seemingly harmless notification about a Japanese language proficiency exam has become the latest vector for state-aligned...

The Silent Hijacker: New Cellik Android RAT Turns Legitimate Google Play Apps into Surveillance Tools Cellik Android RAT, Google Play Trojan

The Silent Hijacker: New Cellik Android RAT Turns Legitimate Google Play Apps into Surveillance Tools

Do Son December 22, 2025

A sophisticated new Android Remote Access Trojan (RAT) has surfaced in cybercrime networks, offering attackers a “turnkey”...

PyStoreRAT Uncovered: Fileless RAT Hides in Fake GitHub Repos to Launch Invisible Attacks on Developers PyStoreRAT Fileless, GitHub Supply Chain

PyStoreRAT Fileless, GitHub Supply Chain

PyStoreRAT Uncovered: Fileless RAT Hides in Fake GitHub Repos to Launch Invisible Attacks on Developers

Do Son December 16, 2025

A sophisticated new threat is stalking the open-source community, turning the trust developers place in GitHub repositories...

Sophisticated CastleRAT Backdoor Uses Steam Community Pages as Covert C2 Resolver for Espionage CastleRAT, Steam C2 Resolver

Sophisticated CastleRAT Backdoor Uses Steam Community Pages as Covert C2 Resolver for Espionage

Do Son December 9, 2025

A sophisticated new Remote Access Trojan (RAT) has emerged, blending stealthy execution with powerful data theft capabilities...

ValleyRAT Targets English Job Seekers by Trojanizing Foxit PDF Reader with DLL Sideloading Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

ValleyRAT Targets English Job Seekers by Trojanizing Foxit PDF Reader with DLL Sideloading

Do Son December 8, 2025

A sophisticated malware campaign traditionally focused on Chinese-speaking targets has expanded its scope, now aggressively targeting English-speaking...

New MaaS Operator TAG-150 Uses ClickFix Lure and Custom CastleLoader to Compromise 469 US Devices TAG-150 CastleLoader, ClickFix MaaS NetSupport RAT ClickFix, Multi-Cluster RMM

TAG-150 CastleLoader, ClickFix MaaS NetSupport RAT ClickFix, Multi-Cluster RMM

New MaaS Operator TAG-150 Uses ClickFix Lure and Custom CastleLoader to Compromise 469 US Devices

Do Son December 1, 2025

A new and aggressive player has entered the cybercrime arena. A recent report from Darktrace sheds light...

Next-Gen Stealth: Malware Hides C2 Traffic as Fake LLM API Requests on Tencent Cloud Fake LLM API C2, LLM Evasion

Next-Gen Stealth: Malware Hides C2 Traffic as Fake LLM API Requests on Tencent Cloud

Do Son November 20, 2025

The Akamai Hunt team has uncovered a new malware strain that hides its command-and-control (C2) traffic behind...

Legacy Malware Resurfaces: DarkComet RAT Uses Bitcoin Wallet Lure to Deploy UPX-Packed Payload DarkComet Bitcoin Lure, Legacy RAT

Legacy Malware Resurfaces: DarkComet RAT Uses Bitcoin Wallet Lure to Deploy UPX-Packed Payload

Do Son November 13, 2025

The Lat61 Threat Intelligence Team has uncovered a new campaign using Bitcoin-themed lures to distribute DarkComet RAT,...

Delphi PatoRAT Backdoor Hijacks LogMeIn Resolve and PDQ Connect RMM Tools for Full System Takeover PatoRAT RMM Abuse, LogMeIn Hijacking

Delphi PatoRAT Backdoor Hijacks LogMeIn Resolve and PDQ Connect RMM Tools for Full System Takeover

Do Son November 13, 2025

Researchers from the AhnLab Security Intelligence Center (ASEC) have uncovered a new malware campaign exploiting Remote Monitoring...

Booking.com Phishing Campaign Hijacks Hotel Accounts to Deliver PureRAT via ClickFix Lure PureRAT ClickFix, Booking.com Phishing

Booking.com Phishing Campaign Hijacks Hotel Accounts to Deliver PureRAT via ClickFix Lure

Do Son November 7, 2025

Threat analysts at Sekoia.io have uncovered a global phishing operation that has been targeting the hospitality industry...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Remote Access Trojan

Malicious PHP Packages Found Hidden in Laravel Ecosystem

The Explorer Trap: How Hackers Turn Windows File Explorer into a Silent Portal for Remote Access Trojans

The AI Evolution of Mobile Malware: SURXRAT V5 Combines Surveillance, Ransomware, and LLMs

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare

New CRESCENTHARVEST Malware Targets Iranian Dissidents

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

Transparent Tribe Weaponizes “JLPT” Tests in New Cyber-Espionage Campaign Against India

The Silent Hijacker: New Cellik Android RAT Turns Legitimate Google Play Apps into Surveillance Tools

PyStoreRAT Uncovered: Fileless RAT Hides in Fake GitHub Repos to Launch Invisible Attacks on Developers

Sophisticated CastleRAT Backdoor Uses Steam Community Pages as Covert C2 Resolver for Espionage

ValleyRAT Targets English Job Seekers by Trojanizing Foxit PDF Reader with DLL Sideloading

Next-Gen Stealth: Malware Hides C2 Traffic as Fake LLM API Requests on Tencent Cloud

Legacy Malware Resurfaces: DarkComet RAT Uses Bitcoin Wallet Lure to Deploy UPX-Packed Payload

Delphi PatoRAT Backdoor Hijacks LogMeIn Resolve and PDQ Connect RMM Tools for Full System Takeover

Booking.com Phishing Campaign Hijacks Hotel Accounts to Deliver PureRAT via ClickFix Lure