Malware

Rust Based VENON Malware Targets 33 Brazilian Banks with Credential Stealing Overlays

Cybersecurity researchers have uncovered a newly developed banking malware named VENON, which specifically targets users in Brazil. The malware is written in Rust, marking a notable shift from the traditional Delphi-based malware families commonly associated with the Latin American cybercrime landscape. The malicious program, designed to infect Windows systems, was discovered recently and analyzed by the Brazilian cybersecurity firm ZenoX. […]

Hive0163 Deploys AI Assisted Slopoly Malware for Persistent Access in Ransomware Campaigns

Cybersecurity experts have revealed a new AI-assisted malware strain named Slopoly, reportedly used by the financially motivated threat actor Hive0163 to maintain long-term access in ransomware attacks. IBM X-Force researcher Golo Mühr commented, “Although still relatively unsophisticated, AI-generated malware like Slopoly demonstrates how easily attackers can leverage artificial intelligence to accelerate malware development.” Overview of Hive0163 Operations Hive0163

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have uncovered six new Android malware families designed to steal sensitive data from infected devices and carry out financial fraud. These threats primarily target banking applications, cryptocurrency wallets, and digital payment platforms. The discovered malware includes several banking trojans and remote access tools capable of monitoring user activity, hijacking financial transactions, and gaining full control over

Five Malicious Rust Crates and AI Bot Abuse CI CD Pipelines to Steal Developer Secrets

Security researchers have uncovered a group of malicious packages written in the Rust programming language that were uploaded to the official Rust package registry crates.io. These packages were disguised as utilities designed to manage or synchronize system time but were actually created to steal sensitive developer data. The five malicious crates identified are: According to researchers from Socket, the

KadNap Malware Compromises Over 14,000 Edge Devices to Build Stealth Proxy Botnet

Cybersecurity researchers have uncovered a sophisticated malware campaign involving a threat dubbed KadNap, which primarily targets Asus routers and other edge devices to build a stealthy proxy botnet. The malware has compromised over 14,000 devices globally, with more than 60% of infections in the U.S., according to Black Lotus Labs at Lumen. KadNap uses a custom implementation of the Kademlia Distributed

APT28 Deploys BEARDSHELL and COVENANT Malware in Espionage Campaign Against Ukrainian Military

The Russia-linked threat group APT28 has been observed deploying two malware implants, BEARDSHELL and COVENANT, in cyber-espionage operations targeting Ukrainian military personnel. According to a new investigation by ESET, the malware tools have been actively used since April 2024 to maintain persistent access and conduct long-term surveillance. APT28, also widely known by aliases such as Fancy Bear, Sednit, Pawn Storm, and TA422,

Malicious npm Package Disguised as OpenClaw Installer Installs RAT and Steals macOS Credentials

Cybersecurity researchers have identified a malicious npm package that pretends to be an installer for OpenClaw but actually deploys a remote access trojan and steals sensitive information from macOS systems. The package, called @openclaw-ai/openclawai, was uploaded to the npm registry on March 3, 2026 by a user named “openclaw-ai”. Security researchers observed that the package had

UNC4899 Breaches Crypto Firm After Trojanized File Is AirDropped to Developer Work Device

A sophisticated cyberattack attributed to the North Korean threat group UNC4899 has reportedly compromised a cryptocurrency organization in 2025, resulting in the theft of millions of dollars' worth of digital assets. The attack demonstrates how modern cyber operations combine social engineering, cloud exploitation, and supply-chain-style infiltration. Security researchers have linked the activity with moderate confidence

Chrome Extension Becomes Malicious After Ownership Transfer, Allowing Code Injection and Data Theft

Cybersecurity researchers have uncovered a troubling case where two Google Chrome extensions became malicious after their ownership changed. The situation highlights a growing security threat in the browser extension ecosystem, where trusted tools can be converted into malware distribution channels. The affected extensions were originally associated with a developer using the email akshayanuonline@gmail.com, linked to the

Transparent Tribe Leverages AI to Mass Produce Malware Implants in Campaign Targeting India

The Pakistan-linked threat actor Transparent Tribe has adopted AI-powered coding tools to mass-produce malware implants aimed at Indian targets, including government entities and embassies abroad. According to Bitdefender, the campaign emphasizes quantity over sophistication, generating large volumes of disposable implants using niche programming languages like Nim, Zig, and Crystal while exploiting trusted services such as Slack, Discord, Supabase, and Google Sheets to
