Malware

Iran-Linked Hackers Hit Israeli Sectors With New MuddyViper Backdoor

Israeli organizations across academia, engineering, local government, manufacturing, technology, transportation, and utilities have become targets of a sophisticated campaign by Iranian-linked hackers deploying a new backdoor called MuddyViper. ESET attributed the attacks to the MuddyWater group, also known as Mango Sandstorm or TA450, linked to Iran’s Ministry of Intelligence and Security (MOIS). One Egyptian technology […]

New Albiriox MaaS Malware Hits Over 400 Apps With Fraud and Screen Control

A newly advertised Android malware called Albiriox has surfaced as a powerful malware-as-a-service (MaaS) platform, offering attackers a broad toolkit designed for on-device fraud, remote interaction, and advanced screen manipulation. Security analysts report that Albiriox is rapidly gaining traction within cybercrime forums because of its extensive capabilities and its ability to

Tomiris uses public-service-based implants for stealthier C2 in attacks on government targets

A new wave of cyber attacks linked to the threat actor known as Tomiris has been identified targeting foreign ministries, intergovernmental bodies, and government institutions inside Russia. According to researchers, the actor aims to gain remote access inside sensitive networks and deploy additional malicious tools for long-term operations. Kaspersky analysts Oleg Kupreev and Artem

North Korean hackers use 197 npm packages to spread updated OtterCookie malware

A North Korean threat group linked to the Contagious Interview activity has continued its aggressive malware distribution by uploading 197 additional malicious packages to the npm registry since last month. Researchers at Socket confirmed that these packages have been downloaded more than 31,000 times. Each of them is designed to install a modified version of

Bloody Wolf expands Java-based NetSupport RAT attacks in Kyrgyzstan and Uzbekistan

A growing cyber espionage campaign linked to the threat group known as Bloody Wolf has widened its reach in Central Asia as the attackers continue delivering the NetSupport RAT through deceptive Java-based loaders. The campaign, which initially focused on Kyrgyzstan in June 2025, has expanded to include Uzbekistan by October 2025, according to Group

RomCom deploys Mythic Agent malware via SocGholish fake update attacks

Cybersecurity researchers have discovered that the Russia-linked threat actor RomCom attempted to compromise a U.S.-based civil engineering company using a JavaScript loader known as SocGholish, delivering the sophisticated Mythic Agent malware. According to Arctic Wolf Labs researcher Jacob Faires, this marks the first observed instance of a RomCom payload being distributed via SocGholish. The campaign

JackFix spreads multiple stealers via fake Windows Update pop-ups on adult sites

A newly uncovered malware campaign is exploiting adult-themed phishing sites and deceptive ClickFix-style lures to trick users into executing malicious Windows commands disguised as urgent security updates. Cybersecurity researchers from Acronis have identified the activity, warning that the threat actors are using highly convincing fake Windows Update screens to distribute multiple information stealers.

ToddyCat’s new tools steal Outlook emails and Microsoft 365 tokens, threatening users and organizations

The threat group known as ToddyCat has introduced new techniques designed to infiltrate corporate email systems and extract sensitive data from targeted organizations. According to a technical report by Kaspersky, the group is now using a custom tool called TCSectorCopy to obtain access to Microsoft Outlook data and OAuth 2.0 tokens. Kaspersky noted that this

Hackers use Blender 3D assets to spread StealC V2 malware, threatening creators and users

Cybersecurity analysts have uncovered a new threat campaign in which attackers are weaponizing Blender Foundation files to distribute an upgraded version of the StealC information stealer, known as StealC V2. The activity has been ongoing for at least six months, according to Morphisec researcher Shmuel Uzan, who reported that malicious .blend files were discovered on