threat intelligence Archives • Page 8 of 12 • Daily CyberSecurity

Cash Out: FBI Warns of $20M ATM ‘Jackpotting’ Surge Driven by Ploutus Malware ATM Jackpotting Ploutus Malware

Cash Out: FBI Warns of $20M ATM ‘Jackpotting’ Surge Driven by Ploutus Malware

Ddos February 23, 2026

The Federal Bureau of Investigation (FBI) has issued an urgent FLASH report warning financial institutions of a...

Infoblox Exposes Hybrid Malvertising & “Pig Butchering” Scam Hybrid Crypto Scam Pig Butchering Malvertising

Infoblox Exposes Hybrid Malvertising & “Pig Butchering” Scam

Ddos February 20, 2026

Cybercriminals are continuously evolving their tactics to maximize profits, and a new hybrid scam has emerged on...

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare

Ddos February 19, 2026

Remcos, once a commercial remote management tool turned notorious Remote Access Trojan (RAT), has received an upgrade....

Unmasking the Proxy: Silent Push “Traffic Origin” Exposes True Actor Locations Residential Proxy Detection

Unmasking the Proxy: Silent Push “Traffic Origin” Exposes True Actor Locations

Ddos February 11, 2026

A new report by Silent Push reveals how advanced traffic analysis can strip away the digital masks...

Invisible Intruder: “ShadowHS” Malware Weaponizes Hackshell on Linux ShadowHS Malware Linux Fileless Intrusion

Invisible Intruder: “ShadowHS” Malware Weaponizes Hackshell on Linux

Ddos February 4, 2026

Cyble Research & Intelligence Labs (CRIL) has uncovered a sophisticated Linux intrusion chain dubbed ShadowHS, a campaign...

The Soviet Ghost: How Carding Markets Survive on Legacy Domains BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

The Soviet Ghost: How Carding Markets Survive on Legacy Domains

Ddos January 12, 2026

A new analysis by Team Cymru researchers has shed light on the physical and digital infrastructure powering...

BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector BlueDelta Espionage Credential Harvesting

BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector

Ddos January 9, 2026

A notorious Russian state-sponsored hacking group has evolved its digital espionage toolkit, launching a sophisticated wave of...

Microsoft Warns of Surge in Internal Domain Spoofing Internal Phishing Attacks Tycoon2FA

Microsoft Warns of Surge in Internal Domain Spoofing

Ddos January 7, 2026

A wave of sophisticated phishing attacks is hitting organizations by exploiting a classic weakness: the trust users...

Popular Chinese Utility Hijacked to Deploy Browser Malware Grafana Exploitation, Coordinated Scanning Arcserve UDP Vulnerabilities

Popular Chinese Utility Hijacked to Deploy Browser Malware

Ddos January 7, 2026

The RedDrip Team at QiAnXin Technology’s Threat Intelligence Center has uncovered a widespread malware campaign hiding inside...

“Silver Fox” Unmasked: Chinese APT Group Impersonates Indian Tax Officials in Targeted Cyber Campaign Silver Fox APT, Valley RAT

“Silver Fox” Unmasked: Chinese APT Group Impersonates Indian Tax Officials in Targeted Cyber Campaign

Ddos December 26, 2025

As tax season approaches, a sophisticated cyber-espionage campaign is targeting Indian organizations with highly convincing phishing lures....

The Ghost in the Market: Unmasking “Fly,” the Secret Architect of the Infamous Russian Market CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

The Ghost in the Market: Unmasking “Fly,” the Secret Architect of the Infamous Russian Market

Ddos December 25, 2025

For over a decade, Russian Market has stood as a pillar of the cybercrime underground, a sprawling...

Shadows of the North: Unmasking the Sprawling Cyber Infrastructure of the DPRK DPRK Cyber Ecosystem, Unified Hacking Infrastructure

Shadows of the North: Unmasking the Sprawling Cyber Infrastructure of the DPRK

Ddos December 22, 2025

A new collaborative investigation has exposed the intricate and overlapping infrastructure powering North Korea’s most notorious cyber...

The BOSS Breach: APT36 Pivots to Linux Espionage with “Silent” Shortcuts Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The BOSS Breach: APT36 Pivots to Linux Espionage with “Silent” Shortcuts

Ddos December 2, 2025

A prominent state-aligned threat actor has significantly evolved its arsenal, launching a sophisticated campaign targeting the Linux-based...

Rent-a-Domain: Report Details How APTs and Cybercriminals Abuse DDNS Services for Malicious Infrastructure NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Rent-a-Domain: Report Details How APTs and Cybercriminals Abuse DDNS Services for Malicious Infrastructure

Ddos September 30, 2025

A new analysis from Silent Push Threat Analysts highlights the growing misuse of publicly rentable subdomain providers,...

MuddyWater APT Shifts Tactics to Custom Malware MuddyWater APT ANY.RUN security incident

MuddyWater APT Shifts Tactics to Custom Malware

Ddos September 19, 2025

Group-IB analysts have released new intelligence on MuddyWater, the Iranian state-sponsored APT linked to Tehran’s Ministry of...

XillenStealer: New Open-Source Malware Lowers Cybercrime Barrier XillenStealer, open-source malware

XillenStealer: New Open-Source Malware Lowers Cybercrime Barrier

Ddos September 19, 2025

CYFIRMA has released a detailed threat intelligence assessment of XillenStealer, an emerging open-source, Python-based malware family that...

North Korean Hackers Evolve Tactics with New Malware Campaign North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean Hackers Evolve Tactics with New Malware Campaign

Ddos September 19, 2025

GitLab Threat Intelligence has published a detailed analysis of a new malware campaign linked to North Korean...

SmokeLoader Rises From the Ashes with New, Evasive Variants SmokeLoader, Malware

SmokeLoader Rises From the Ashes with New, Evasive Variants

Ddos September 17, 2025

First emerging in 2011, SmokeLoader (also known as Smoke or Dofoil) has remained one of the most...

HijackLoader: The Stealthy Malware Loader Powering Modern Cyberattacks Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT