WarmCookie

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates

Do Son October 3, 2025

The WARMCOOKIE backdoor has resurfaced with new features, expanded infrastructure, and updated delivery mechanisms, according to a...

CastleBot: The New MaaS Framework Fueling Info-Stealer & Ransomware Attacks CastleBot, Malware-as-a-Service

CastleBot, Malware-as-a-Service

CastleBot: The New MaaS Framework Fueling Info-Stealer & Ransomware Attacks

Do Son August 11, 2025

IBM X-Force has unveiled an in-depth analysis of CastleBot, a newly emerging Malware-as-a-Service (MaaS) framework that is...

New WarmCookie/BadSpace Malware Targets Organizations Espionage Group Daggerfly

Espionage Group Daggerfly

New WarmCookie/BadSpace Malware Targets Organizations

Do Son October 23, 2024

Cisco Talos researchers uncovered a new and highly adaptive malware family, WarmCookie, also referred to as BadSpace....