Malware

77 articles in this category (Page 3 of 4)

New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control

Albiriox MaaS malware targets 400+ financial apps, enabling on-device fraud and remote screen control.

PyStoreRAT: GitHub-Distributed JavaScript RAT Targets Developers

A new JavaScript-based RAT, PyStoreRAT, is spreading through malicious GitHub repositories, leveraging OSINT and utility tool facades to compromise systems and steal cryptocurrency wallets.

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean hackers deployed 197 malicious npm packages, downloaded 31,000 times, to spread evolved OtterCookie malware via fake job interviews.

RomCom Leverages SocGholish Fake Updates to Deploy Mythic Agent Malware

First observed use of SocGholish by RomCom in a U.S. engineering firm attack, blocked before escalation.

DPRK's FlexibleFerret Expands macOS Credential Theft Campaign

North Korea-linked malware campaign uses social engineering to steal macOS credentials, leveraging fake job portals and Terminal exploits (2025).

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

A new campaign leverages malicious Blender .blend files on CGTrader to install StealC V2, stealing data from browsers, plugins, and crypto wallets.

JackFix Campaign Leverages Fake Windows Updates to Deploy Multiple Stealers

The JackFix campaign utilizes deceptive fake Windows update pop-ups on adult websites to deliver multi-stage PowerShell malware, resulting in potential data theft and system compromise.

ShadowPad Malware Exploits WSUS Vulnerability for System Access

ShadowPad malware is actively exploiting CVE-2025-59287 in WSUS, leading to full system compromise of vulnerable servers.

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Matrix Push C2 exploits browser notifications for fileless phishing, priced at $150/month as malware-as-a-service.

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

APT24's BADAUDIO malware compromised over 1,000 domains via supply chain attacks in a 3-year espionage campaign.

TamperedChef Malware Campaign Exploits Fake Installers for Persistent Access

TamperedChef malware infects 100K+ systems globally, targeting healthcare and manufacturing sectors via fake installers.

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

The Tsundere botnet is actively spreading via MSI and PowerShell installers, leveraging game-themed lures and an Ethereum-based C2 rotation system.

EdgeStepper Implant Hijacks DNS to Deploy SlowStepper Malware

PlushDaemon leverages the EdgeStepper implant to redirect DNS queries, enabling malicious software updates and the deployment of SlowStepper malware.

Python-Based WhatsApp Worm Distributes Eternidade Stealer in Brazil

Eternidade Stealer, a Delphi-based banking trojan, is spreading via a Python-scripted WhatsApp worm campaign targeting Brazilian users.

Dragon Breath Exploits RONINGLOADER to Deploy Gh0st RAT

Dragon Breath threat actor leverages the RONINGLOADER to bypass security tools and deploy a modified Gh0st RAT, impacting Chinese-speaking users.

EVALUSION ClickFix Campaign Deploys Amatera Stealer and NetSupport RAT

A new EVALUSION campaign leverages ClickFix social engineering to deliver Amatera Stealer and NetSupport RAT, impacting users across multiple phishing attacks.

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

North Korean hackers exploit JSON storage services to deliver BeaverTail malware in Contagious Interview attacks, 2025.

Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown

Europol's Operation Endgame seizes 1,025 servers and disrupts malware networks stealing millions of credentials.

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

WhatsApp malware 'Maverick' exploits browser sessions to target Brazilian banks, leveraging 148 million active users in the country.

Fantasy Hub Android Trojan Exploits Telegram for MaaS Malware Distribution

Fantasy Hub RAT, sold via Telegram, exploits Android SMS and banking systems, highlighting 67% surge in Android malware transactions.

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

Huntress reports three GootLoader infections since October 27, 2025, with two leading to domain controller compromise within 17 hours.

GlassWorm Malware Resurfaces in VS Code Extensions with Thousands of Installs

GlassWorm malware exploits VS Code extensions with 8,000+ downloads, using Unicode obfuscation and blockchain for persistence.

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

Cybercriminals exploit fake Booking.com pages and PureRAT malware to steal hotel credentials, active since April 2025.

Hyper-V Malware Attack Evades Endpoint Security with VM Isolation

Curly COMrades exploited Hyper-V to hide malware in Linux VMs, bypassing endpoint detection tools in 2025.
