Tag: malware
-
New Chinese-Made Malware Framework Targets Linux-Based Cloud Environments
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-malware-framework-linux/
-
New Chinese-Made Malware Framework Targets Linux-Based Cloud Environments
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-malware-framework-linux/
-
Q4 2025 Malware Trends: Telegram Backdoor, Banking Trojans Surge, Joker Returns to Google Play
Telegram mods spread a powerful Android backdoor as banking trojans surge and Joker malware resurfaces on Google Play in Q4 2025, says Doctor Web. First seen on hackread.com Jump to article: hackread.com/q4-2025-malware-telegram-backdoor-joker-google-play/
-
New Advanced Linux VoidLink Malware Targets Cloud and container Environments
Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that’s specifically designed for long-term, stealthy access to Linux-based cloud environmentsAccording to a new report from Check Point Research, the cloud-native Linux malware framework comprises an array of custom loaders, implants, rootkits, and modular First seen on thehackernews.com Jump to…
-
Court tosses appeal by hacker who opened port to coke smugglers with malware
Dutchman fails to convince judges his trial was unfair because cops read his encrypted chats First seen on theregister.com Jump to article: www.theregister.com/2026/01/13/dutch_port_hacker_appeal/
-
Court tosses appeal by hacker who opened port to coke smugglers with malware
Dutchman fails to convince judges his trial was unfair because cops read his encrypted chats First seen on theregister.com Jump to article: www.theregister.com/2026/01/13/dutch_port_hacker_appeal/
-
New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack
Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access.”The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes a First seen on…
-
Parrot OS shares its 2026 plans for security tools and platform support
Parrot OS is a Debian-based Linux distribution built for cybersecurity work. Security practitioners use it for penetration testing, digital forensics, malware analysis, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/13/parrot-os-2026-plans-security-platform-roadmap/
-
Parrot OS shares its 2026 plans for security tools and platform support
Parrot OS is a Debian-based Linux distribution built for cybersecurity work. Security practitioners use it for penetration testing, digital forensics, malware analysis, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/13/parrot-os-2026-plans-security-platform-roadmap/
-
Botnet Threat Update July to December 2025
Botnet Command & Controller (C&C) activity increased 24% this period, with Remote Access Trojans (RATs) accounting for 42% of the Top 20 malware associated with botnets. Learn which Russia-based registrar saw a +9,608% surge in botnet C&C domains”, and which major cloud providers are taking action. Read the full report. First seen on securityboulevard.com Jump…
-
<> Modulares Botnetz nutzt Standard-Zugangsdaten für Angriffe auf Webserver
Check Point Research (CPR), die Sicherheitsforschungsabteilung von Check Point Software Technologies, hat eine neue, hochaktive Malware-Kampagne analysiert: GoBruteforcer (auch ‘GoBrut” genannt). Dabei handelt es sich um ein in der Programmiersprache Go (Golang) entwickeltes, modulares Botnetz, das systematisch öffentlich erreichbare Web- und Datenbank-Services angreift darunter FTP, MySQL, PostgreSQL und phpMyAdmin auf Linux-Servern. Die Kampagne nutzt […]…
-
Fake Employee Reports Spread Guloader and Remcos RAT Malware
Scammers are using fake October 2025 performance reviews to trick staff into installing Guloader and Remcos RAT malware. Learn how to identify this threat and protect your personal data from remote hackers. First seen on hackread.com Jump to article: hackread.com/fake-employee-reports-guloader-remcos-rat-malware/
-
GoBruteforcer: Modulares Botnetz nutzt Standard-Zugangsdaten für Angriffe
Eine aktuelle Analyse von Check Point Research zeigt, wie anfällig öffentlich erreichbare Server nach wie vor sind. Im Mittelpunkt steht eine neue Malware Kampagne mit dem Namen GoBruteforcer. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/gobruteforcer-botnetz
-
Sieben Jahre Haft: Hafen-IT gehackt, um Drogen zu schmuggeln
Tags: malwareEin Niederländer soll die IT mehrerer Hafenanlagen mit Malware infiziert haben, um unbemerkt Drogen zu importieren. Verschlüsselte Chats verrieten ihn. First seen on golem.de Jump to article: www.golem.de/news/sieben-jahre-haft-hafen-it-gehackt-um-drogen-zu-schmuggeln-2601-204080.html
-
Sprunghafter Anstieg Web-Bedrohungen legen um 82 Prozent zu, Malware-Angriffe um 28 Prozent
Blockierte schädliche URLs wachsen um 82 Prozent auf über 25 Millionen. Malware-Angriffe um 28 Prozent gestiegen. Das aktuelle Acronis Cyberthreats Update für Dezember 2025 zeigt eine deutliche Verschärfung der Cyberbedrohungslage [1]. Während die Zahl erkannter Malware-Angriffe im November 2025 um 28 Prozent zum Vormonat anstieg, erreichte auch die Zahl blockierter schädlicher URLs mit über… First…
-
Iran-linked MuddyWater APT deploys Rust-based implant in latest campaign
Rust offers evasion advantages: CloudSEK researchers said RustyWater was developed in Rust, which they said is increasingly used by malware authors for its memory safety features and cross-platform capabilities, according to the blog post. Other state-sponsored groups, including Russia’s Gossamer Bear and China-linked actors, have also deployed Rust-based malware in recent campaigns, according to security…
-
ValleyRAT_S2: Stealth Intrusions Aimed at Financial Data Exfiltration
A sophisticated second-stage malware payload known as ValleyRAT_S2 has emerged as a critical threat to organizations across Chinese-speaking regions, including mainland China, Hong Kong, Taiwan, and Southeast Asia. This Remote Access Trojan (RAT), written in C++, is a modular, highly evasive cyber-espionage tool designed to infiltrate systems, maintain persistent access, and extract sensitive financial and…
-
Fake Employee Performance Reports Deliver Guloader Malware
Organizations are being warned about a new phishing campaign that weaponizes fake employee performance reports to deploy the Guloader malware and ultimately install Remcos RAT on compromised systems. In the observed cases, threat actors send phishing emails that purport to share an employee performance report for October 2025. The email body claims that management is…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 79
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion A Broken System Fueling Botnets Malicious NPM Packages Deliver NodeCordRAT Boto-Cor-de-Rosa campaign reveals Astaroth WhatsApp-based worm activity in Brazil CNCERT: Risk Warning Regarding…
-
Ghost Tapped Turns Android Phones Into Fraud Payment Relays
Ghost Tapped is Android malware that abuses NFC to enable remote payment fraud without physical card access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ghost-tapped-turns-android-phones-into-fraud-payment-relays/
-
xRAT Malware Targets Windows Users via Fake Adult Game
AhnLab Security Intelligence Center (ASEC) has uncovered a dangerous distribution campaign targeting Windows users through Korean web hard services. Threat actors are leveraging xRAT (QuasarRAT) malware, disguising it as legitimate adult game content to deceive unsuspecting users into downloading and executing malicious files. Korean webhard services have become a prime vector for malware distribution, with…
-
Russia’s Fancy Bear APT Doubles Down on Global Secrets Theft
The notorious Russian state-sponsored group relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-credentials-global-targets
-
Notorious Russian APT Nabs Credentials From Global Targets
Fancy Bear relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-credentials-global-targets
-
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers, it conducts espionage by deeply embedding in victim networks and also operates Operational…
-
Welche Gefahren von geparkten Domains ausgehen
Die Forscher selbst schreiben, dass bei groß angelegten Experimenten Besucher einer geparkten Domain in über 90 Prozent der Fälle zu illegalen Inhalten, Betrugsversuchen, Scareware und Antiviren-Software-Abonnements oder Malware weitergeleitet wurden. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/welche-gefahren-von-geparkten-domains-ausgehen/a43311/
-
New China-linked hackers breach telcos using edge device exploits
A sophisticated threat actor that uses Linux-based malware to target telecommunications providers has recently broadened its operations to include organizations in Southeastern Europe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-china-linked-hackers-breach-telcos-using-edge-device-exploits/
-
Astaroth Banking Trojan Targets Brazilians via WhatsApp Messages
Researchers at Acronis have discovered a new campaign called Boto Cor-de-Rosa, where the Astaroth banking malware spreads like a worm through WhatsApp Web to steal contact lists and banking credentials. First seen on hackread.com Jump to article: hackread.com/astaroth-banking-trojan-brazil-whatsapp-messages/