
Malware

77 articles in this category (Page 2 of 4)

AI News, Cybersecurity, Malware

PLUGGYAPE Malware Leverages Signal and WhatsApp to Target Ukrainian Defense

CERT-UA reports PLUGGYAPE malware attacks targeting Ukrainian defense forces via Signal and WhatsApp, demonstrating a shift towards encrypted messaging app exploitation.

AI News, Cloud Security, Malware

VoidLink Malware Poses Advanced Threat to Linux Systems

Researchers discovered VoidLink, a modular 'cloud-first' malware framework designed for stealthy, long-term access to Linux environments.

AI News, Malware, Cloud Security

AsyncRAT Malware Delivered via Cloudflare and Python Exploits

A recent phishing campaign leverages Cloudflare and Python to deliver AsyncRAT malware, highlighting the increasing abuse of legitimate services for malicious purposes.

AI News, Cybersecurity, Malware

SHADOW#REACTOR Malware Campaign Deploys Remcos RAT via Multi-Stage Attack

SHADOW#REACTOR is a new malware campaign leveraging VBS, PowerShell, and MSBuild to deliver Remcos RAT, achieving stealthy and persistent remote access.

AI News, Malware, Cybersecurity

Shadow#Reactor Uses Text Files to Deliver Remcos RAT

The Shadow#Reactor campaign delivers the Remcos RAT via text-based payloads, bypassing traditional security measures and leveraging legitimate system utilities.

AI News, Security, Malware

Black Cat SEO Poisoning Campaign Targets Software Downloads

The Black Cat ransomware group is using SEO poisoning to distribute malware via fake software download sites, impacting users searching for popular tools.

AI News, Cybersecurity, Malware

NodeCordRAT Delivered via Malicious npm Packages

Researchers discovered NodeCordRAT, a new RAT delivered through three npm packages (bitcoin-main-lib, bitcoin-lib-js, bip40) with over 3,290 total downloads.

AI News, Cyber Security, Malware

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

Astaroth banking malware is spreading in Brazil through WhatsApp messages, leveraging a Python-based worm to compromise systems and steal credentials.

AI News, Cyber Security, Malware

Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches

The Black Cat ransomware group compromised nearly 278,000 systems in China using SEO poisoning and fake software downloads.

AI News, Cybersecurity, Malware

PHALT#BLYX Campaign Targets European Hotels with DCRat Malware

A new PHALT#BLYX campaign is targeting European hotels with fake Booking.com emails that lead to DCRat malware deployment.

AI News, Cybersecurity, Malware

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

Kimwolf is an Android botnet that infected 2M+ devices via exposed ADB, using proxy networks to run DDoS attacks and sell residential bandwidth.

AI News, Cybersecurity, Malware

VVS Stealer Malware Targets Discord Accounts with Python Obfuscation

VVS Stealer, a Python-based malware sold for as little as $11.69, steals Discord tokens, browser data, and credentials using Pyarmor obfuscation.

AI News, Cybersecurity, Malware

Silver Fox Targets Indian Users With ValleyRAT Malware via Tax-Themed Phishing

Silver Fox is deploying ValleyRAT, a modular Windows RAT, through India income tax phishing emails, resulting in potential credential theft and system compromise.

AI News, Cyber Security, Malware

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

A new MacSync macOS stealer spreads via a signed, notarized fake installer, bypassing Apple Gatekeeper before Apple revoked the certificate.

AI News, Cybersecurity, Malware

CountLoader and GachiLoader Malware Spread via Cracked Software and YouTube

Researchers discovered a campaign distributing CountLoader, GachiLoader, and info stealers through cracked software and compromised YouTube videos, impacting an estimated 220,000 views.

AI News, Cybersecurity, Malware

Kimsuky Spreads DocSwap Android Malware via QR Phishing

North Korean group Kimsuky leverages QR code phishing sites disguised as CJ Logistics to distribute DocSwap Android malware, enabling remote access and data theft.

AI News, Cybersecurity, Malware

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

The VolkLocker ransomware, used by the CyberVolk hacktivist group, has a critical flaw: a hard-coded master key enabling free decryption of encrypted files.

AI News, Cybersecurity, Malware

NANOREMOTE Malware Leverages Google Drive API for Covert Windows Control

NANOREMOTE, a new Windows backdoor, utilizes the Google Drive API for command-and-control, enabling stealthy data theft and payload delivery.

AI News, Cybersecurity, Malware

JS#SMUGGLER Campaign Deploys NetSupport RAT via Compromised Websites

Researchers detail JS#SMUGGLER, a multi-stage web attack leveraging JavaScript, HTA, and PowerShell, resulting in NetSupport RAT deployment.

AI News, Cybersecurity, Malware

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

Iranian threat actor MuddyWater utilizes the UDPGangster malware, achieving a 90% success rate in initial access through macro phishing in recent attacks.

AI News, Cybersecurity, Malware

CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems

CISA identifies BRICKSTORM malware enabling persistent, stealthy access in U.S. VMware and Windows systems.

AI News, Cybersecurity, Malware

GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections

GoldFactory's modified banking apps caused 11,000+ infections in Southeast Asia via government impersonation scams.

AI News, Cybersecurity, Malware

Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China

Silver Fox leverages SEO poisoning and fake Microsoft Teams installers to deploy ValleyRAT malware, targeting Chinese organizations since November 2025.

AI News, Cybersecurity, Malware

Brazil Faces Advanced Cyberattacks via WhatsApp Worms and NFC Relay Fraud

Brazilian users are being targeted by the Water Saci banking trojan and RelayNFC malware, which use WhatsApp worms and real-time NFC payment theft.
