-
Meet ZeroDayRAT, a newly advertised malware targeting Android and iOS devices with surveillance, location tracking, and crypto theft tools sold via Telegram as a MaaS service.
·
Anatsa, Android, cybersecurity, Cyberthint, iOS, MaaS, Malware, SCAM, Security, spyware, Telegram, ZeroDayRAT¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing steganography in PNG images to smuggle a Pulsar Remote Access Trojan (RAT) into Windows systems through a malicious NPM package named buildrunner‑dev. The attack starts with a typosquatted NPM package, buildrunner‑dev, which imperso…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A typosquatted copy of the popular Huorong Security antivirus site is being used to deliver ValleyRAT, a modular remote access trojan (RAT) built on the Winos4.0 framework, to users who believe they are downloading legitimate protection software. The a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GrayCharlie is abusing compromised WordPress sites to silently load malicious JavaScript that pushes NetSupport RAT, often followed by Stealc and SectopRAT, via fake browser updates and ClickFix lures. Insikt Group tracks GrayCharlie as a financially m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phishing campaign is spreading XWorm 7.2 via malicious Excel files, hiding the malware in Windows processes, and using AES encryption to steal passwords and Wi-Fi keys.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Silver Fox APT is running a new wave of targeted attacks in Taiwan that combine DLL sideloading and Bring Your Own Vulnerable Driver (BYOVD) techniques to deploy Winos 4.0 (ValleyRat) while aggressively disabling security tools. The campaigns rely on h…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Veracode reveal a typosquatting attack that disguises Pulsar RAT as images to bypass Windows security and antivirus programs.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at CyberProof have identified a new fake captcha campaign linked to the ClickFix operation. This stealthy infostealer targets over 25 browsers, cryptocurrency wallets like MetaMask, and gaming accounts by tricking users into executing malic…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CharlieKirk Grabber is a Python-based Windows infostealer that focuses on rapid “smash‑and‑grab” credential theft and data exfiltration rather than long-term system control or destructive behavior. It targets browser‑stored passwords, Wi‑Fi keys, Disco…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ploutus malware is powering a new wave of “jackpotting” attacks that drain U.S. ATMs without needing a bank card, customer account, or bank authorization, prompting the FBI to issue an emergency FLASH alert to financial institutions nationwide. Accord…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
