
8 matches found

The Hacker News
added 2025/12/04 5:25 p.m. | 5 views

Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China

The threat actor known as Silver Fox has been spotted orchestrating a false flag operation to mimic a Russian threat group in attacks targeting organizations in China. The search engine optimization (SEO) poisoning campaign leverages Microsoft Teams lures to trick unsuspecting users into downloadin...

7.3 AI score
Exploits: 0
HackRead
added 2025/09/02 9:21 a.m. | 4 views

Silver Fox APT Exploits Signed Windows Driver to Deliver ValleyRAT

Check Point reports Silver Fox APT using a signed WatchDog driver flaw to disable Windows security and deliver…...

7 AI score
Exploits: 0
The Hacker News
added 2025/09/02 8:39 a.m. | 6 views

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Anti-malware as part of a Bring Your Own Vulnerable Driver (BYOVD) attack aimed at disarming security solutions installed on compromised hosts. The vulnerable driver ...

6.8 AI score
Exploits: 0
HackRead
added 2025/02/25 1:12 p.m. | 18 views

Silver Fox APT Hides ValleyRAT in Trojanized Medical Imaging Software

Chinese Silver Fox APT exploits trojanized medical imaging software to spread ValleyRAT malware, posing a serious threat to…...

7.2 AI score
Exploits: 0
The Hacker News
added 2025/02/06 2:34 p.m. | 17 views

Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking

Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking...

7.5 AI score
Exploits: 0
HackRead
added 2025/02/04 4:47 p.m. | 9 views

New ValleyRAT Malware Variant Spreading via Fake Chrome Downloads

Morphisec uncovers a new ValleyRAT malware variant with advanced evasion tactics, multi-stage infection chains, and novel delivery methods…...

7.3 AI score
Exploits: 0
The Hacker News
added 2025/01/21 5:45 a.m. | 6 views

PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers

Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload,...

7.7 AI score
Exploits: 0
The Hacker News
added 2024/08/16 11:40 a.m. | 60 views

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

Chinese-speaking users are the target of an ongoing campaign that distributes a malware known as ValleyRAT. "ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage," Fortinet FortiGuard Labs...

9.3 CVSS | 8.5 AI score | 0.94302 EPSS
Exploits: 29