Lucene search
K

95 matches found

The Hacker News
The Hacker News
added 2026/06/16 5:41 p.m.14 views

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader , Lorem Ipsum Loader , and Potemkin , per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks involving BabaDeda Loader, observed in April...

6.5AI score
Exploits0
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.7 views

Bruno 安全漏洞

Bruno is an open-source IDE developed by usebruno, designed for exploring and testing APIs. Versions of Bruno prior to 3.2.1 contained security vulnerabilities. These vulnerabilities were caused by a supply chain attack involving a tampered axios npm package, which could potentially deploy...

9.8CVSS5.8AI score0.00234EPSS
Exploits0References4
Malwarebytes
Malwarebytes
added 2026/01/26 8:1 a.m.7 views

A week in security (January 19 – January 25)

Last week on Malwarebytes Labs: Spammers abuse Zendesk to flood inboxes with legitimate-looking emails, but why? Fake LastPass maintenance emails target users Under Armour ransomware breach: data of 72 million customers appears on the dark web Can you use too many LOLBins to drop some RATs?...

5.9AI score
Exploits0
Trellix
Trellix
added 2026/01/14 12:0 a.m.8 views

Hiding in Plain Sight: Multi-Actor ahost.exe Attacks

Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe By Mallikarjun Wali and Mohideen Abdul Khader · January 14, 2026 Executive summary The Trellix Advanced Research Center has uncovered an active malware campaign that exploits a DLL sideloading...

6AI score
Exploits0
HackRead
HackRead
added 2025/12/11 9:28 a.m.7 views

CastleLoader Malware Now Uses Python Loader to Bypass Security

Cybersecurity researchers at Blackpoint Cyber discovered a new, evasive CastleLoader malware variant using Python and ClickFix social engineering to deliver RATs and info-stealers directly from memory...

7AI score
Exploits0
HackRead
HackRead
added 2025/10/09 1:11 p.m.5 views

Your Shipment Notification is Now a Malware Dropper

Forcepoint X-Labs reports a surge in sophisticated email attacks using obfuscated JavaScript and steganography to deliver dangerous RATs and info-stealers like Formbook and Agent Tesla. Learn how to defend against the threat...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/27 9:28 a.m.5 views

Blind Eagle's Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra

Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These attacks, observed by Recorded Future Insikt Group, targeted various victims, but primarily within the Colombian government acros...

7AI score
Exploits0
HackRead
HackRead
added 2025/08/05 11:49 a.m.7 views

Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File

Hackers are installing multiple RMMs like Atera and Splashtop in a new malware attack. This article details the abuse of Discord CDN link andn fake OneDrive phishing campaign discovered by Sublime Security...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/24 3:13 p.m.15 views

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing

Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans RATs. The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/30 1:30 p.m.13 views

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a report published last week, said it was able to make this connection by pivoting from Proton66-linked digital assets, leading t...

6.5CVSS8.4AI score0.81817EPSS
Exploits0
HackRead
HackRead
added 2025/06/05 12:2 p.m.7 views

ClickFix Email Scam Alert: Fake Booking.com Emails Deliver Malware

Cofense Intelligence uncovers a surge in ClickFix email scams impersonating Booking.com, delivering RATs and info-stealers. Learn how these…...

7.3AI score
Exploits0
HackRead
HackRead
added 2025/05/21 9:4 a.m.12 views

Scammers Use Fake Kling AI Ads to Spread Malware

Scammers impersonate Kling AI AI-powered video generation tool using fake ads and websites to spread malware. Check Point Research details how the attack tricks users into downloading RATs...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/03 5:39 p.m.22 views

Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. "These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hostin...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/11 2:35 p.m.23 views

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection...

6.5CVSS7.3AI score0.81817EPSS
Exploits0
Securelist
Securelist
added 2024/11/29 10:0 a.m.25 views

IT threat evolution Q3 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations...

8.2AI score0.97798EPSS
Exploits49
The Hacker News
The Hacker News
added 2024/11/01 9:48 a.m.22 views

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password spray operations are used to steal credentials...

8.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/20 6:14 a.m.23 views

Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America

Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities and individuals in Colombia, Ecuador, Chile, Panama, and other Latin American nations. Targets of these attacks span several sectors, including governmental institutions,...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/11 5:19 a.m.62 views

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service DDoS botnets. The vulnerability in question is CVE-2024-4577 CVSS score: 9.8, which allows an attacker to...

9.8CVSS9.7AI score0.99987EPSS
Exploits64
The Hacker News
The Hacker News
added 2024/06/13 10:19 a.m.14 views

Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware

The nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer. "The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/06 9:54 a.m.12 views

Hackers Exploit Legitimate Packer Software to Spread Malware Undetected

Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. "The majority of the attributed malicious samples targeted financial institutions and...

7.1AI score
Exploits0
Rows per page
Query Builder