SocGholish Archives • Daily CyberSecurity

GRU Unit 29155 Uses SocGholish to Target US Firm RomCom, SocGholish

GRU Unit 29155 Uses SocGholish to Target US Firm

Do Son November 26, 2025

In a significant escalation of the cyber threat landscape, Arctic Wolf Labs has identified a campaign where...

The SocGholish Malware Economy: Stealthy “Fake Updates” Fuel a Global Cybercrime Ecosystem SocGholish, Initial Access Broker

The SocGholish Malware Economy: Stealthy “Fake Updates” Fuel a Global Cybercrime Ecosystem

Do Son August 8, 2025

Silent Push Threat Analysts have detailed one of today’s most pervasive cyber threats—SocGholish—exposing its deep ties to...

SocGholish and RansomHub: Sophisticated Attack Campaign Targeting Corporate Networks SocGholish, RansomHub

SocGholish and RansomHub: Sophisticated Attack Campaign Targeting Corporate Networks

Do Son April 28, 2025

The eSentire’s Threat Response Unit (TRU) discovered a sophisticated cyberattack campaign linking SocGholish (also known as FakeUpdates)...

Raspberry Robin: From Copy Shop Worm to Russian GRU Cyber Tool

Do Son March 27, 2025

Raspberry Robin, also known as Roshtyak or Storm-0856, has evolved from a simple worm targeting copy shops...

SocGholish Malware Facilitates RansomHub Distribution GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

SocGholish Malware Facilitates RansomHub Distribution

Do Son March 17, 2025

A new analysis by Trend Research has shed light on intrusion techniques involving the malware-as-a-service (MaaS) framework...

TA2726 & TA2727: Hackers Deploy Fake Updates to Spread Malware TA2726 and TA2727 & FrigidStealer malware

TA2726 & TA2727: Hackers Deploy Fake Updates to Spread Malware

Do Son February 20, 2025

Cybersecurity researchers at Proofpoint have identified two new cybercriminal threat actors, TA2726 and TA2727, actively exploiting fake...

TAG-124: A Deep Dive into the Traffic Distribution System Powering Malware Campaigns

Do Son February 4, 2025

Cybersecurity researchers at Insikt Group have uncovered a multi-layered traffic distribution system (TDS), dubbed TAG-124, which is...

10,000 WordPress Websites Compromised to Deliver macOS and Windows Malware SocGholish Windows malware

10,000 WordPress Websites Compromised to Deliver macOS and Windows Malware

Do Son February 3, 2025

A new report reveals that over 10,000 WordPress websites have been compromised to deliver malware targeting both...

Fake Browser Updates Lead to Malicious BOINC Installations FakeUpdates malware

Fake Browser Updates Lead to Malicious BOINC Installations

Do Son July 21, 2024

Huntress, a prominent cybersecurity firm, has recently uncovered a new wave of malicious activities involving the well-known...

SocGholish Campaign Targets Business Networks via Fake Browser Updates

Do Son May 8, 2024

eSentire’s Threat Response Unit (TRU) has detailed a sophisticated SocGholish campaign by the cyber threat group. Notorious...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

SocGholish

GRU Unit 29155 Uses SocGholish to Target US Firm

The SocGholish Malware Economy: Stealthy “Fake Updates” Fuel a Global Cybercrime Ecosystem

SocGholish and RansomHub: Sophisticated Attack Campaign Targeting Corporate Networks

Raspberry Robin: From Copy Shop Worm to Russian GRU Cyber Tool

SocGholish Malware Facilitates RansomHub Distribution

TA2726 & TA2727: Hackers Deploy Fake Updates to Spread Malware

TAG-124: A Deep Dive into the Traffic Distribution System Powering Malware Campaigns

10,000 WordPress Websites Compromised to Deliver macOS and Windows Malware

Fake Browser Updates Lead to Malicious BOINC Installations

SocGholish Campaign Targets Business Networks via Fake Browser Updates