Lucene search
K

6 matches found

Malwarebytes
Malwarebytes
added 2026/07/02 4:5 p.m.27 views

Fake Google and Cloudflare verification pages spread multiple malware families

Updated July 6 to add connections with SyncTDS and TrafficTDS ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices. A single...

6.1AI score
Exploits0
HackRead
HackRead
added 2026/01/15 1:3 p.m.10 views

New CastleLoader Variant Linked to 469 Infections Across Critical Sectors

ANY.RUN report reveals how the new CastleLoader malware targets US government agencies using stealthy ClickFix tricks and memory-based attacks to bypass security...

7AI score
Exploits0
HackRead
HackRead
added 2025/12/11 9:28 a.m.7 views

CastleLoader Malware Now Uses Python Loader to Bypass Security

Cybersecurity researchers at Blackpoint Cyber discovered a new, evasive CastleLoader malware variant using Python and ClickFix social engineering to deliver RATs and info-stealers directly from memory...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/09 4:1 p.m.5 views

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader , strengthening the previous assessment that the tool is offered to other threat actors under a malware-as-a-service MaaS model. The threat actor behind CastleLoader has been assigned the...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/05 2:7 p.m.6 views

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

The threat actor behind the malware-as-a-service MaaS framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT. "Available in both Python and C variants, CastleRAT's core functionality consists of collecting system information, downloading and executin...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/24 3:13 p.m.16 views

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing

Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans RATs. The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub...

7.4AI score
Exploits0
Rows per page
Query Builder