-
A malicious ISO image named Servicenow-BNM-Verify.iso was uploaded to VirusTotal from Malaysia with almost no detections. The image contains four files—two openly visible and two hidden. The visible files include a Windows shortcut, servicenow-bnm-veri…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malvertising campaign has been uncovered targeting unsuspecting users through “dangling commits” in a legitimate GitHub repository. Attackers are injecting promotional content for a counterfeit GitHub Desktop installer into popular deve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new, sophisticated malware campaign has been uncovered that leverages Microsoft’s Azure Functions for its command-and-control (C2) infrastructure, a novel technique that complicates detection and takedown efforts. According to the Dmpdump report, the malware, first identified from a file uploaded to VirusTotal on August 28, 2025, from Malaysia, employs a multi-stage infection process involving DLL […] The post New Malware Using Azure Functions For Hosting Command And Control Infrastructure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Recent threat campaigns have revealed an evolving use of BAT-based loaders to deliver Remote Access Trojans (RATs), including XWorm and Remcos. These campaigns typically begin with a ZIP archive—often hosted on seemingly legitimate platforms such as Im…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new wave of macOS-targeted malware has emerged under the radar—despite employing advanced process reconnaissance and maintaining successful notarization status for years. Jamf Threat Labs recently uncovered a developer-signed sample on VirusTotal tha…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated espionage campaign leveraging a previously unknown malware strain dubbed GONEPOSTAL, attributed to the notorious Russian state-sponsored group KTA007, better known as Fancy Bear or APT28. The malware transforms Microsoft Outlook into a …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DarkSamural, a newly identified subspecies of the notorious OceanLotus APT, has launched a sophisticated campaign targeting high-value organizations in Pakistan. Leveraging malicious LNK files masquerading as PDF documents and sophisticated MSC contain…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitHub repositories for malware delivery through sophisticated weaponized LNK files, according to recent analysis by S2W’s Threat Intelligence Center, TALON. This campaign demonstrates the group’s evolving tactics in leveraging trusted plat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An emerging threat campaign has been identified that weaponizes a trojanized version of DeskSoft’s EarthTime application to deploy sophisticated malware, leveraging Remote Desktop Protocol (RDP) access for command execution and network reconnaissance. …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
