Tag: malware
-
Rhadamanthys malware admin rattled as cops seize a thousand-plus servers
Operation Endgame also takes down Elysium and VenomRAT infrastructure First seen on theregister.com Jump to article: www.theregister.com/2025/11/13/rhadamanthys_takedown/
-
Top 3 Malware Families in Q4: How to Keep Your SOC Ready
Q3 showed sharp growth in malware activity as Lumma AgentTesla and Xworm drove access and data theft forcing SOC teams toward quicker behavior checks First seen on hackread.com Jump to article: hackread.com/top-3-malware-families-in-q4-how-to-keep-your-soc-ready/
-
Rhadamanthys malware admin rattled as cops seize a thousand-plus servers
Operation Endgame also takes down Elysium and VenomRAT infrastructure First seen on theregister.com Jump to article: www.theregister.com/2025/11/13/rhadamanthys_takedown/
-
Top 3 Malware Families in Q4: How to Keep Your SOC Ready
Q3 showed sharp growth in malware activity as Lumma AgentTesla and Xworm drove access and data theft forcing SOC teams toward quicker behavior checks First seen on hackread.com Jump to article: hackread.com/top-3-malware-families-in-q4-how-to-keep-your-soc-ready/
-
Rhadamanthys malware admin rattled as cops seize a thousand-plus servers
Operation Endgame also takes down Elysium and VenomRAT infrastructure First seen on theregister.com Jump to article: www.theregister.com/2025/11/13/rhadamanthys_takedown/
-
Operation Endgame 3.0 Dismantles Three Major Malware Networks
A global law enforcement operation has taken down the Rhadamanthys infostealer, VenomRAT trojan and the Elysium botnet First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/operation-endgame-3-dismantles/
-
Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations
Law enforcement authorities from 9 countries have taken down 1,025 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the latest phase of Operation Endgame, an international action targeting cybercrime. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-disrupts-rhadamanthys-venomrat-and-elysium-malware-operations/
-
Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown
Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted as part of a coordinated law enforcement operation led by Europol and Eurojust.The activity, which is taking place between November 10 and 13, 2025, marks the latest phase of Operation Endgame, an ongoing operation designed to take down criminal infrastructures and…
-
Beware of Fake Bitcoin Tools Concealing DarkComet RAT Malware
A newly discovered malware campaign is leveraging one of cybercriminals’ most effective lures cryptocurrency to distribute DarkComet RAT. This notorious remote access trojan continues to plague users despite being discontinued by its creator years ago. Security researchers have identified a suspicious executable masquerading as a Bitcoin wallet application, which, when executed, silently deploys the full…
-
Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software
Tags: attack, backdoor, cyber, cybersecurity, data, hacker, intelligence, malware, monitoring, software, theft, toolCybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management (RMM) tools to deploy backdoor malware on unsuspecting users’ systems. The attacks abuse LogMeIn Resolve (GoTo Resolve) and PDQ Connect, transforming trusted administrative tools into weapons for data theft and remote system compromise. While the…
-
Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software
Tags: attack, backdoor, cyber, cybersecurity, data, hacker, intelligence, malware, monitoring, software, theft, toolCybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management (RMM) tools to deploy backdoor malware on unsuspecting users’ systems. The attacks abuse LogMeIn Resolve (GoTo Resolve) and PDQ Connect, transforming trusted administrative tools into weapons for data theft and remote system compromise. While the…
-
AppleScript Abused to Spread Fake Zoom and Teams macOS Updates
Hackers use AppleScript to disguise macOS malware as fake app updates, bypassing Apple’s protections. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/applescript-abused-to-spread-fake-zoom-and-teams-macos-updates/
-
AppleScript Abused to Spread Fake Zoom and Teams macOS Updates
Hackers use AppleScript to disguise macOS malware as fake app updates, bypassing Apple’s protections. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/applescript-abused-to-spread-fake-zoom-and-teams-macos-updates/
-
‘Advanced’ hacker seen exploiting Cisco, Citrix zero-days
The hackers notably used custom malware and were exploiting CVE-2025-5777, now known colloquially as “Citrix Bleed Two”, before it was disclosed publicly in July. First seen on therecord.media Jump to article: therecord.media/advanced-hacker-exploiting-cisco-citrix-zero-days-amazon
-
KI-Betrug wird zur wachsenden Sorge der Verbraucher
Die neue 2025 Consumer-Cybersecurity-Survey von Bitdefender gibt Einblicke in zentrale Verhaltensweisen, Praktiken und Bedenken im Bereich der Cybersicherheit. Die Ergebnisse zeigen eklatante Sicherheitslücken auf, die viele Anwender anfällig für Malware, Betrug, Scams und Datendiebstahl machen. Die Umfrage betont auch die zweischneidige Rolle der künstlichen Intelligenz (KI): Während sie fortschrittliche Schutzlösungen für Verbraucher ermöglicht, nutzen Cyberkriminelle…
-
WhatsApp Malware ‘Maverick’ Hijacks Browser Sessions to Target Brazil’s Biggest Banks
Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking applications.…
-
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS
Researchers found Fantasy Hub, a Russian MaaS Android RAT that lets attackers spy, steal data, and control devices via Telegram. Zimperium researchers uncovered Fantasy Hub, a Russian-sold Android RAT offered as Malware-as-a-Service, enabling spying, device control, and data theft via Telegram. The malware allows operators to take over infected devices, gathering SMS messages, contacts, call…
-
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress.The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours of…
-
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress.The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours of…
-
New “KomeX” Android RAT Hits Hacker Forums with Tiered Subscriptions
A sophisticated Android remote-access trojan named KomeX RAT has emerged on underground hacking forums, with the threat actor Gendirector actively marketing the malware through tiered subscription models. The malware, built on the foundation of previously documented BTMOB, poses a significant threat to Android device owners due to its extensive capabilities and aggressive advertising campaign within…
-
Android Trojan ‘Fantasy Hub’ Malware Service Turns Telegram Into a Hub for Hackers
Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that’s sold on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model.According to its seller, the malware enables device control and espionage, allowing threat actors to collect SMS messages, contacts, call logs, images, and videos, as well as intercept, reply,…