All Malware Data Breach Privacy APT Vulnerability General
Kaspersky Malware

The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign

Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain and analyze the C2 infrastructure.

Kaspersky Malware

Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign

An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake Stealer, to target organizations in Russia, Kazakhstan, and Brazil.

Unit42 Malware

OpenClaw’s Skill Marketplace and the Emerging AI Supply Chain Threat

Unit 42's analysis of ClawHub revealed evasive malicious skills bypassing automated scanners to deploy infostealers and execute agentic financial fraud. The post OpenClaw’s Skill Marketplace and the Emerging AI Supply Chain Threat appeared first on Unit 42.

Unit42 Malware

Vidar Stealer Unmasked: Code Signing Abuse, Go Loaders and File Inflation

A cybercrime campaign combined a loader-as-a-service framework and DLL sideloading via a Go-compiled fake MpClient.dll, a novel evasion layer combination. The post Vidar Stealer Unmasked: Code Signing Abuse, Go Loaders and File Inflation appeared first on Unit 42.

Unit42 Malware

No Manners Here: The Ruthless Rise of The Gentlemen Ransomware

Unit 42 explores The Gentlemen ransomware operations, revealing the affiliate model driving its rapid growth. Learn more here. The post No Manners Here: The Ruthless Rise of The Gentlemen Ransomware appeared first on Unit 42.

Mandiant Malware

Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite

Written by: JP Glab, Tufail Ahmed, Josh Kelley, Muhammad Umair Introduction  Google Threat Intelligence Group (GTIG) identified a multistage intrusion campaign by a newly tracked threat group, UNC6692, that leveraged persistent social engineering, a custom modular malware suite,

Krebs on Security Malware

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm

Dark Reading Malware

Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia

More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware.

Dark Reading Malware

VoidStealer Malware Darts Past Google Chrome's Encryption

Authors of the VoidStealer Trojan uncovered yet another way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.

Dark Reading Malware

After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets

PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud environments.

Dark Reading Malware

Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain

Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem.

Dark Reading Malware

Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak

An OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure.

Prev 1 2 3 4 5 ... 21 Next