threat intelligence Archives • Page 12 of 13 • Daily CyberSecurity

KimJongRAT Returns: New PE & PowerShell Variants Steal Crypto and Browser Data via CDNs KimJong

KimJongRAT Returns: New PE & PowerShell Variants Steal Crypto and Browser Data via CDNs

Do Son June 18, 2025

Unit 42 has uncovered two newly evolved variants of the KimJongRAT malware, one using traditional PE (Portable...

Katz Stealer: New Stealthy MaaS Steals Everything, Hides in Images, and Hijacks Discord

Do Son June 16, 2025

In 2025, cybersecurity analysts witnessed the emergence of a sophisticated and highly evasive info-stealer known as Katz...

Obscure VBScript “sostener.vbs” Unmasked: Fuels Multi-Stage RAT Delivery, Linked to Blind Eagle APT

Do Son June 16, 2025

In a deeply revealing investigation, Censys researchers have uncovered a web of malicious infrastructure revolving around a...

Spectra Ransomware: Chaos Evolution with Double Extortion & System Evasion Chaos Evolution Spectra Ransomware

Spectra Ransomware: Chaos Evolution with Double Extortion & System Evasion

Do Son June 14, 2025

In a newly published report, K7 Labs has uncovered a potent ransomware variant known as Spectra Ransomware,...

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse The credential harvesting window used by the Java RAT

The credential harvesting window used by the Java RAT

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse

Do Son June 12, 2025

Rapid7’s latest threat intelligence report shines a spotlight on the evolving tactics of threat actors formerly affiliated...

DuplexSpy RAT: New C# Malware Toolkit Emerges on GitHub RAT

DuplexSpy RAT: New C# Malware Toolkit Emerges on GitHub

Do Son June 9, 2025

CYFIRMA’s Threat Intelligence Team has published an in-depth analysis of DuplexSpy RAT, a powerful and modular remote...

TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations TA397, India Cyber Espionage

TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations

Do Son June 7, 2025

A new report from Proofpoint Threat Research, in collaboration with Threatray, reveals mounting evidence that TA397 (also...

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices PumaBot, Linux Botnet

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices

Do Son June 1, 2025

Cybersecurity researchers at Darktrace have exposed a stealthy and persistent Linux-based botnet dubbed PumaBot, which leverages Go...

Kuwait Under Attack: 230+ Domains Used in Sophisticated Phishing Operation Kuwait phishing Phishing campaign

Kuwait Under Attack: 230+ Domains Used in Sophisticated Phishing Operation

Do Son May 19, 2025

In a newly published threat intelligence report, Hunt.io researchers have detailed an active and sophisticated phishing campaign...

Agenda Ransomware Evolves with NETXLOADER and SmokeLoader in Global Campaigns Agenda ransomware, NETXLOADER

Agenda Ransomware Evolves with NETXLOADER and SmokeLoader in Global Campaigns

Do Son May 8, 2025

Agenda ransomware, also known as Qilin, has returned. In a recent exposé by Trend Micro, researchers have...

APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics APT36 phishing, ClickFix campaign

APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics

Do Son May 8, 2025

Hunt.io, a threat hunting platform, has revealed a sophisticated phishing campaign using ClickFix-style tactics and spoofed Indian...

Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors Lampion, ClickFix

Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors

Do Son May 8, 2025

Lampion, the banking malware first observed in 2019, has reemerged with new tricks. In a detailed analysis,...

NCSC Warns of Pervasive Ransomware Threat: Act Now Ransomware, Cyber Security

NCSC Warns of Pervasive Ransomware Threat: Act Now

Do Son May 5, 2025

The UK’s National Cyber Security Centre (NCSC) has issued a warning: ransomware and cyber extortion are no...

Luna Moth’s Callback Phishing Attacks Target US Legal and Financial Firms

Do Son May 3, 2025

A new threat intelligence report from EclecticIQ unveils the evolving tradecraft of Luna Moth, a financially motivated...

Nebulous Mantis Cyber Espionage Group: RomCom RAT and Hybrid Tactics

Do Son May 3, 2025

A new threat intelligence report by PRODAFT details Nebulous Mantis, a Russian-speaking cyber espionage group operating under...

Infoblox Exposes $5.7B Investment Scam Surge Fueled by RDGAs and DNS Abuse Investment Scams RDGA

Infoblox Exposes $5.7B Investment Scam Surge Fueled by RDGAs and DNS Abuse

Do Son April 30, 2025

In a revealing new report, Infoblox Threat Intelligence warns that investment scams are evolving rapidly—contributing to record-breaking...

Larva-24005: Kimsuky’s Global Cyber Espionage Campaign Exploits RDP and Office Flaws Larva-24005, Kimsuky

Larva-24005: Kimsuky’s Global Cyber Espionage Campaign Exploits RDP and Office Flaws

Do Son April 21, 2025

A new cybersecurity report from the AhnLab Security intelligence Center (ASEC) has shed light on a recently...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

APT41/RedGolf Infrastructure Briefly Exposed: Fortinet Zero-Days Targeted Shiseido

Do Son April 21, 2025

In a rare window into the operations of an advanced persistent threat, a KeyPlug-linked infrastructure briefly went...

XorDDoS Evolves: Cisco Talos Uncovers “VIP” Controller Fueling Global DDoS Campaigns

Do Son April 19, 2025

A new report from Cisco Talos Intelligence Group reveals the continued global spread and evolution of the...

DarkHotel APT Group’s Evolving Attack Techniques DarkHotel, APT group

DarkHotel APT Group’s Evolving Attack Techniques

Do Son April 15, 2025

A recent investigation by the Knownsec 404 Advanced Threat Intelligence Team has uncovered a new wave of...

Critical Alert 1 Active Exploit Detected Today