All Malware Data Breach Privacy APT Vulnerability General
The Hacker News Malware

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access trojan (RAT). The packages, named spellcheckerpy and spellcheckpy, are no longer av

The Hacker News Malware

Password Reuse in Disguise: An Often-Missed Risky Workaround

When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware, or ransomware. These attack methods continue to evolve and rightly command attention. However, one of the most persistent and underestimated risks to organizationa

Kaspersky Malware

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Dark Reading Malware

Complex VoidLink Linux Malware Created by AI

Researchers say the advanced framework was built almost entirely by agents, marking a significant evolution in the use of AI to develop wholly original malware.

Dark Reading Malware

'CrashFix' Scam Crashes Browsers, Delivers Malware

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT.

The Hacker News Malware

VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code

The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person with assistance from an artificial intelligence (AI) model. That's according to new findings from Check Point Research, which identified operation

Mandiant Malware

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors

Written by: Sarah Yoder, John Wolfram, Ashley Pearson, Doug Bienstock, Josh Madeley, Josh Murchie, Brad Slaybaugh, Matt Lin, Geoff Carstairs, Austin Larsen Introduction Google Threat Intelligence Group (GTIG) is tracking BRICKSTORM malware activity, which is being used to mainta

Mandiant Malware

New Group on the Block: UNC5142 Leverages EtherHiding to Distribute Malware

Written by: Mark Magee, Jose Hernandez, Bavi Sadayappan, Jessa Valdez Since late 2023, Mandiant Threat Defense and Google Threat Intelligence Group (GTIG) have tracked UNC5142, a financially motivated threat actor that abuses the blockchain to facilitate the distribution of info

Mandiant Malware

DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains

Written by: Blas Kojusner, Robert Wallace, Joseph Dobson Google Threat Intelligence Group (GTIG) has observed the North Korea (DPRK) threat actor UNC5342 using ‘EtherHiding’ to deliver malware and facilitate cryptocurrency theft, the first time GTIG has observed a nation-state a

Mandiant Malware

To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER

Written by: Wesley Shields Introduction  COLDRIVER, a Russian state-sponsored threat group known for targeting high profile individuals in NGOs, policy advisors and dissidents, swiftly shifted operations after the May 2025 public disclosure of its LOSTKEYS malware, operationaliz

Mandiant Malware

Help Wanted: Vietnamese Actors Using Fake Job Posting Campaigns to Deliver Malware and Steal Credentials

Google Threat Intelligence Group (GTIG) is tracking a cluster of financially motivated threat actors operating from Vietnam that leverages fake job postings on legitimate platforms to target individuals in the digital advertising and marketing sectors. The actor effectively uses

Mandiant Malware

Time Travel Triage: An Introduction to Time Travel Debugging using a .NET Process Hollowing Case Study

Written by: Josh Stroschein, Jae Young Kim The prevalence of obfuscation and multi-stage layering in today’s malware often forces analysts into tedious and manual debugging sessions. For instance, the primary challenge of analyzing pervasive commodity stealers like AgentTesla is

Prev 1 ... 16 17 18 19 20 ... 21 Next