-
Fake Xeno and Roblox gaming tools are spreading a Windows RAT (remote access trojan) using PowerShell and LOLBins, Microsoft Threat Intelligence warns.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new backdoor dubbed Dohdoor is actively targeting schools and health care organizations in the United States through a stealthy multi-stage attack chain. UAT-10027 focuses on education and health care entities in the U.S., sectors that handle highly …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
North Korean threat group APT37 is using a new multi‑stage toolset to jump air‑gaps and conduct deep surveillance by abusing removable media, Ruby, and cloud services in a campaign Zscaler ThreatLabz tracks as “Ruby Jumper.” The campaign’s main goal i…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Qrator Research Lab has identified Aeternum C2, a botnet that uses the Polygon blockchain for commands, making it nearly impossible to shut down.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ResidentBat is a custom Android spyware implant used by the Belarusian KGB to turn seized smartphones into long‑lived surveillance platforms against journalists and civil society targets. Operating outside the Play Store ecosystem and requiring hands‑o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Certo reveal Oblivion, a new Android Trojan targeting major brands like Samsung and Xiaomi. It bypasses security to steal passwords and bank codes.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Meet ZeroDayRAT, a newly advertised malware targeting Android and iOS devices with surveillance, location tracking, and crypto theft tools sold via Telegram as a MaaS service.
·
Anatsa, Android, cybersecurity, Cyberthint, iOS, MaaS, Malware, SCAM, Security, spyware, Telegram, ZeroDayRAT¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing steganography in PNG images to smuggle a Pulsar Remote Access Trojan (RAT) into Windows systems through a malicious NPM package named buildrunner‑dev. The attack starts with a typosquatted NPM package, buildrunner‑dev, which imperso…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A typosquatted copy of the popular Huorong Security antivirus site is being used to deliver ValleyRAT, a modular remote access trojan (RAT) built on the Winos4.0 framework, to users who believe they are downloading legitimate protection software. The a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GrayCharlie is abusing compromised WordPress sites to silently load malicious JavaScript that pushes NetSupport RAT, often followed by Stealc and SectopRAT, via fake browser updates and ClickFix lures. Insikt Group tracks GrayCharlie as a financially m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
