Malware

77 articles in this category (Page 1 of 4)

AI News, Cybersecurity, Malware

GlassWorm Malware: Solana Dead Drops and Browser Data Theft via Rogue Extensions

GlassWorm exploits Solana blockchain memos and Google Calendar to deliver data-stealing RATs targeting developers via compromised npm and MCP packages.

AI News, Supply Chain Security, Malware

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm has infected 47 npm packages, using ICP canisters for C2 resolution and self-propagating via stolen developer authentication tokens.

AI News, Cybersecurity, Malware

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

China-linked DKnife framework compromises routers for traffic hijacking, credential theft, and malware delivery, targeting edge devices with a modular architecture of seven Linux-based implants.

AI News, Cybersecurity, Malware

Attackers Exploit Windows Screensavers to Drop Malware

Threat actors leverage .scr file type to bypass defender lines and compromise organizations, with over 70% of Windows users vulnerable to screensaver-based attacks.

AI News, Cybersecurity, Malware

Microsoft Warns of Python Infostealers Targeting macOS

Python infostealers are spreading to macOS via fake ads and installers, stealing credentials and financial data at scale.

AI News, Cybersecurity, Malware

eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

Attackers breached eScan antivirus update infrastructure to push malicious updates, deploying persistent malware on enterprise and consumer systems, affecting hundreds of machines globally.

AI News, Cybersecurity, Malware

Notepad++ Update Mechanism Hijacked to Deliver Malware

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

AI News, Cybersecurity, Malware

Researchers Uncover 341 Malicious ClawHub Skills Targeting OpenClaw Users

A security audit reveals 341 malicious skills on ClawHub, exposing OpenClaw users to data theft and malware attacks.

AI News, Cybersecurity, Malware

Fake Moltbot AI Coding Assistant Drops Malware on VS Code

A malicious VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote access to developer systems.

AI News, Cybersecurity, Malware

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks

China-linked Mustang Panda used updated COOLCLIENT malware in 2025 to steal data from government and telecom targets, affecting Asia and Russia with comprehensive data theft from infected endpoints.

AI News, Cybersecurity, Malware

China-Linked Hackers Utilize PeckBirdy JavaScript C2 Framework

Experts reveal PeckBirdy, a JavaScript C2 framework used by China-aligned attackers to spread malware via fake updates and web injections since 2023.

AI News, Malware, Browser Security

‘Stanley’ Toolkit Turns Chrome Into Undetectable Phishing Vector

The 'Stanley' malware-as-a-service kit enables undetectable phishing attacks via malicious Chrome extensions, costing enterprises potential credential compromise.

AI News, Cybersecurity, Malware

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

A sophisticated cyber espionage campaign targets Indian users with tax phishing, deploying Blackmoon malware and abusing SyncFuture TSM tools for data theft.

AI News, Cybersecurity, Malware

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

A sophisticated phishing campaign targeting Russia leverages GitHub, Dropbox, and 'defendnot' to disable Microsoft Defender and deploy Amnesia RAT and ransomware.

AI News, Malware, Cybersecurity

Complex VoidLink Linux Malware Created by AI

Researchers discovered VoidLink, a sophisticated Linux malware framework built almost entirely by AI, signaling a new era of rapid, high-complexity attacks.

AI News, Cybersecurity, Malware

‘Contagious Interview’ Attack Now Delivers Backdoor Via VS Code

North Korean threat actors are exploiting Visual Studio Code to deliver a JavaScript backdoor, enabling remote code execution with no user interaction.

AI News, Cybersecurity, Malware

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers are exploiting Visual Studio Code task files in fake job projects to deploy backdoors and crypto miners, demonstrating a sophisticated evolution in attack tactics.

AI News, Cybersecurity, Malware

VoidLink: AI-Assisted Linux Malware Framework Reaches 88,000 Lines of Code

The VoidLink Linux malware framework was largely built using AI assistance, reaching 88,000 lines of code in just weeks, demonstrating accelerated malware development.

AI News, Cybersecurity, Malware

‘CrashFix’ Scam Crashes Browsers, Delivers Malware

The 'CrashFix' scam utilizes a malicious browser extension, intentional crashes, and a Python-based RAT to compromise systems, targeting both home users and corporate networks.

AI News, Cybersecurity, Malware

Evelyn Stealer Malware Abuses VS Code Extensions

Evelyn Stealer malware compromises developers by exploiting VS Code extensions, resulting in theft of credentials, browser data, and cryptocurrency wallets.

AI News, Cybersecurity, Malware

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

A new LinkedIn phishing campaign delivers a remote access trojan (RAT) via DLL sideloading, exploiting trusted software and bypassing traditional security measures.

AI News, Cybersecurity, Malware

StealC Malware Panel Vulnerability Exposed Threat Actor Operations

Researchers exploited an XSS flaw in the StealC malware panel to monitor a threat actor’s operations, stealing over 30 million cookies and 390,000 passwords.

AI News, Cybersecurity, Malware

GootLoader Malware Employs 500-1,000 Concatenated ZIP Archives for Evasion

GootLoader malware utilizes malformed ZIP archives containing 500–1,000 concatenated files to bypass detection by tools like WinRAR.

AI News, Cybersecurity, Malware

DLL Side-Loading Exploited in Malware Campaign Delivering Trojans and RATs

A recent campaign leverages a c-ares DLL side-loading vulnerability in a signed GitKraken binary, resulting in the delivery of diverse malware like Agent Tesla and XWorm.
