threat intelligence Archives • Page 11 of 12 • Daily CyberSecurity

SHOE RACK Malware: NCSC Uncovers Stealthy Reverse SSH & DoH Post-Exploitation Tool Targeting FortiGate Firewalls SHOE RACK Malware, Reverse SSH

SHOE RACK Malware: NCSC Uncovers Stealthy Reverse SSH & DoH Post-Exploitation Tool Targeting FortiGate Firewalls

Ddos June 24, 2025

A new malware tool dubbed SHOE RACK has come under the microscope of the UK’s National Cyber...

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign Confucius APT, Anondoor Backdoor

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

Ddos June 23, 2025

The Confucius APT group—long associated with cyber-espionage operations targeting government and military organizations in South and East...

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus Prometei Botnet, Linux Malware

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus

Ddos June 23, 2025

In March 2025, researchers at Palo Alto Networks’ Unit 42 uncovered a resurgence of the Prometei botnet,...

NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls Fortinet Malware, Cyber-Espionage

NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls

Ddos June 23, 2025

A new malware campaign dubbed UMBRELLA STAND has been uncovered by the UK’s National Cyber Security Centre...

RapperBot Resurfaces: 50,000+ Bots Demand Monero Extortion in New DDoS Campaigns RapperBot Botnet, DDoS Extortion

RapperBot Resurfaces: 50,000+ Bots Demand Monero Extortion in New DDoS Campaigns

Ddos June 23, 2025

A botnet called RapperBot blends technical evolution with internet-era bravado to launch attacks on over 50,000 devices...

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign! Shadow Vector, RAT Malware

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign!

Ddos June 23, 2025

The Acronis Threat Research Unit (TRU) has uncovered a stealthy and technically mature malware campaign dubbed Shadow...

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry

Ddos June 21, 2025

Hackers have once again employed rarely used yet remarkably effective techniques to compromise systems—this time by disguising...

ComfyUI Under Attack: “Pickai” C++ Backdoor Compromises 700+ AI Image Generation Servers Globally

Ddos June 20, 2025

In a concerning development for AI infrastructure security, XLab has uncovered an active exploitation campaign targeting ComfyUI—a...

KimJongRAT Returns: New PE & PowerShell Variants Steal Crypto and Browser Data via CDNs

Ddos June 18, 2025

Unit 42 has uncovered two newly evolved variants of the KimJongRAT malware, one using traditional PE (Portable...

Katz Stealer: New Stealthy MaaS Steals Everything, Hides in Images, and Hijacks Discord

Ddos June 16, 2025

In 2025, cybersecurity analysts witnessed the emergence of a sophisticated and highly evasive info-stealer known as Katz...

Obscure VBScript “sostener.vbs” Unmasked: Fuels Multi-Stage RAT Delivery, Linked to Blind Eagle APT

Ddos June 16, 2025

In a deeply revealing investigation, Censys researchers have uncovered a web of malicious infrastructure revolving around a...

Spectra Ransomware: Chaos Evolution with Double Extortion & System Evasion Chaos Evolution Spectra Ransomware

Spectra Ransomware: Chaos Evolution with Double Extortion & System Evasion

Ddos June 14, 2025

In a newly published report, K7 Labs has uncovered a potent ransomware variant known as Spectra Ransomware,...

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse The credential harvesting window used by the Java RAT

The credential harvesting window used by the Java RAT

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse

Ddos June 12, 2025

Rapid7’s latest threat intelligence report shines a spotlight on the evolving tactics of threat actors formerly affiliated...

DuplexSpy RAT: New C# Malware Toolkit Emerges on GitHub RAT

DuplexSpy RAT: New C# Malware Toolkit Emerges on GitHub

Ddos June 9, 2025

CYFIRMA’s Threat Intelligence Team has published an in-depth analysis of DuplexSpy RAT, a powerful and modular remote...

TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations TA397, India Cyber Espionage

TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations

Ddos June 7, 2025

A new report from Proofpoint Threat Research, in collaboration with Threatray, reveals mounting evidence that TA397 (also...

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices PumaBot, Linux Botnet

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices

Ddos June 1, 2025

Cybersecurity researchers at Darktrace have exposed a stealthy and persistent Linux-based botnet dubbed PumaBot, which leverages Go...

Kuwait Under Attack: 230+ Domains Used in Sophisticated Phishing Operation Kuwait phishing Phishing campaign

Kuwait Under Attack: 230+ Domains Used in Sophisticated Phishing Operation

Ddos May 19, 2025

In a newly published threat intelligence report, Hunt.io researchers have detailed an active and sophisticated phishing campaign...

Agenda Ransomware Evolves with NETXLOADER and SmokeLoader in Global Campaigns Agenda ransomware, NETXLOADER

Agenda Ransomware Evolves with NETXLOADER and SmokeLoader in Global Campaigns

Ddos May 8, 2025

Agenda ransomware, also known as Qilin, has returned. In a recent exposé by Trend Micro, researchers have...

APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics APT36 phishing, ClickFix campaign

APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics

Ddos May 8, 2025

Hunt.io, a threat hunting platform, has revealed a sophisticated phishing campaign using ClickFix-style tactics and spoofed Indian...

Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors Lampion, ClickFix

Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors

Ddos May 8, 2025

Lampion, the banking malware first observed in 2019, has reemerged with new tricks. In a detailed analysis,...