MALWARE 65

• Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques Oct 23, 2025
• SocGholish Malware Using Compromised Sites to Deliver Ransomware Oct 22, 2025
• Vidar Stealer 2.0 adds multi-threaded data theft, better evasion Oct 21, 2025
• New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs Oct 18, 2025
• Hacker Group TA585 Emerges With Advanced Attack Infrastructure Oct 14, 2025
• Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors Oct 13, 2025
• Gamaredon X Turla collab Sep 19, 2025
• EvilAI malware campaign exploits AI-generated code to breach global critical sectors Sep 16, 2025
• DNV details ‘SteganoAmor’ malware campaign used against Iranian oil and gas traders, extends to maritime operators Sep 15, 2025
• New Buterat Backdoor Malware Found in Enterprise and Government Networks Sep 10, 2025
• 18 Popular Code Packages Hacked, Rigged to Steal Crypto Sep 8, 2025
• RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second Sep 3, 2025
• New Report on Commercial Spyware Vendors Detailing Their Targets and Infection Chains Sep 2, 2025
• New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices Aug 27, 2025
• AI-Powered Ransomware Has Arrived With 'PromptLock' Aug 27, 2025
• Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign Aug 25, 2025
• ClickFix Attack Tricks AI Summaries Into Pushing Malware Aug 25, 2025
• Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger Aug 21, 2025
• New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises Aug 12, 2025
• Malvertising campaign leads to PS1Bot, a multi-stage malware framework Aug 12, 2025
• Shared secret EDR killer in the kill chain Aug 6, 2025
• Makop Ransomware Identified in Attacks in South Korea Aug 5, 2025
• New Plague Linux malware stealthily maintains SSH access Aug 4, 2025
• AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown Aug 1, 2025
• RAVEN STEALER UNMASKED Telegram-Based Data Exfiltration Jul 26, 2025
• Surveillance Malware Hidden in npm and PyPI Packages Targets Developers with Keyloggers, Webcam Capture, and Credential Theft Jul 23, 2025
• The Rise of Acreed Infostealer in the Post-LummaC2 Threat Landscape Jul 22, 2025
• Coyote in the Wild First-Ever Malware That Abuses UI Automation Jul 22, 2025
• Back to Business Lumma Stealer Returns with Stealthier Methods Jul 22, 2025
• Malware Identified in Attacks Exploiting Ivanti Connect Secure Vulnerabilities Jul 18, 2025
• Getting to the Crux (Ransomware) of the Matter Jul 18, 2025
• WordPress Redirect Malware Hidden in Google Tag Manager Code Jul 17, 2025
• Threat hunting case study Lumma infostealer Jul 17, 2025
• GhostContainer backdoor malware compromising Exchange servers of high-value organizations in Asia Jul 17, 2025
• Old Miner, New Tricks H2miner Resurfaces with Lcrypt0rx Ransomware Jul 16, 2025
• KongTuke FileFix Leads to New Interlock RAT Variant Jul 14, 2025
• OCTALYN STEALER UNMASKED Jul 12, 2025
• macOS.ZuRu Resurfaces | Modified Khepri C2 Hides Inside Doctored Termius App Jul 10, 2025
• Malware of the Day – Multi-Modal C2 Communication – Numinon C2 Jul 10, 2025
• GreyNoise Identifies New Scraper Botnet Concentrated in Taiwan Jul 9, 2025
• GitHub Abused to Spread Malware Disguised as Free VPN Jul 9, 2025
• NordDragonScan Quiet Data-Harvester on Windows Jul 7, 2025
• Digging Gold with a Spoon – Resurgence of Monero-mining Malware Jul 7, 2025
• June's Dark Gift The Rise of Qwizzserial Jul 2, 2025
• Stealthy WordPress Malware Drops Windows Trojan via PHP Backdoor Jun 27, 2025
• Odyssey Stealer The Rebrand of Poseidon Stealer Jun 26, 2025
• In the Wild Malware Prototype with Embedded Prompt Injection Jun 25, 2025
• Resurgence of the Prometei Botnet Jun 20, 2025
• Part 2 Tracking LummaC2 Infrastructure Jun 19, 2025
• Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure Jun 19, 2025
• Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data Jun 18, 2025
• JSFireTruck Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique Jun 12, 2025
• Fog Ransomware Unusual Toolset Used in Recent Attack Jun 12, 2025
• Toxic trend Another malware threat targets DeepSeek Jun 11, 2025
• The FBI Issued a Warning About This Malware That's Infecting Millions of Devices Jun 6, 2025
• Blitz Malware A Tale of Game Cheats and Code Repositories Jun 6, 2025
• Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine Jun 5, 2025
• From open-source to open threat Tracking Chaos RAT’s evolution Jun 4, 2025
• Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown Jun 2, 2025
• Interlock ransomware what you need to know May 30, 2025
• Tracking LummaC2 Infrastructure with Cats May 29, 2025
• Deep Dive into a Dumped Malware without a PE Header May 29, 2025
• Malware or LLM? Silent Werewolf employs new loaders to attack Russian and Moldovan organizations May 27, 2025
• SilverRAT Source Code Leaked Online Here’s What You Need to Know May 26, 2025
• Reborn in Rust AsyncRAT May 26, 2025