Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2025/10/01 7:11 a.m.3 views

Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs

The Computer Emergency Response Team of Ukraine CERT-UA has warned of new targeted cyber attacks in the country using a backdoor called CABINETRAT. The activity, observed in September 2025, has been attributed to a threat cluster it tracks as UAC-0245. The agency said it spotted the attack...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/24 11:28 a.m.2 views

New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus

Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share "significant" source code overlaps with IcedID and Latrodectus. "The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Latrodectus and Iced...

7.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/27 12:0 a.m.6 views

Under the Hood of BlotchyQuasar: DLL-Based RAT Campaigns against Latin America

A sophisticated malspam campaign was recently uncovered targeting Latin American countries, with a particular focus on Brazil. This operation utilizes a highly deceptive phishing email to trick users into executing a malicious MSI file, initiating a multi-stage infection. The core of the attack...

7AI score
Exploits0
Snyk
Snyk
added 2020/12/17 12:44 p.m.5 views

Malicious Package

Overview prettycolor is a malicious package. Within version.rb, obfuscated code can be found which, on Windows systems, generates and runs a malicious VBScript theScore.vbs. This script will: 1. Create drop another malicious VBScript at %PROGRAMDATA%\Microsoft Essentials\Software Essentials.vbs 2...

9.8CVSS7.1AI score
Exploits0References2
Rows per page
Query Builder