Socket discovered 10 malicious npm packages delivering infostealer malware across Windows, Linux, and macOS. What's sophisticated: 4 layers of obfuscation hide payloads, fake CAPTCHA appears legitimat…
Category: Threat Alerts / Supply Chain / Supply Chain
#npm #supply-chain #typosquatting #infostealer #malware #developer-targeting #credential-theft
Researchers discovered ten malicious npm packages mimicking popular libraries such as TypeScript, React Router, and Discord.js. These packages deploy an infostealer payload built with PyInstaller, ste…
Category: Threat Intelligence / Malware / Supply Chain
#npm #malware #infostealer #typosquatting #supply-chain
LockBit 5.0 has re-emerged as a dominant ransomware operation, with NCC Group and Check Point data showing a 28% rise in global ransomware incidents. Despite a previous multinational takedown, the gro…
Category: Threat Intelligence / Ransomware / LockBit Operations
#ransomware #lockbit #raas #malware
Security researchers identified a new campaign leveraging the 'ClickFix' technique to deliver NetSupport RAT loaders. The attack uses malicious pop-ups and fake browser updates to trick users into exe…
Category: Malware / Remote Access Tools / Malware Campaigns
#rat #netsupport #malware #loader #social-engineering
A sophisticated malware campaign has been detected targeting WordPress sites using PHP variable functions and cookie-based obfuscation. The malware fragments code across cookies, reconstructing execut…
Category: Threats / Web Security / Malware
#malware #php #obfuscation #wordpress #cookies
Check Point researchers mapped a resilient malware distribution operation across YouTube that used more than 3,000 videos and a mix of hijacked and fake channels to deliver infostealers such as Lumma …
Category: Threat Alerts / Threat Intelligence / Phishing & Credential Theft
#youtube #malware #ghost-network #check-point
Wordfence details multiple PHP malware samples that abuse variable functions and cookie checks to obfuscate execution and bypass signature-based detection. By reconstructing function names at runtime …
Category: Threat Alerts / Malware & Ransomware / Malware & Ransomware
#malware #php #obfuscation #wordpress
Security Affairs released its 67th malware roundup highlighting ransomware, phishing, and cybercrime infrastructure takedowns from across the globe. Source: SecurityAffairs.
Category: News / Threat Intelligence / Malware Digest
#malware #newsletter #security-affairs #threat-trends
Unit 42 researchers uncovered a global phishing campaign deploying PhantomVAI Loader to deliver multiple infostealers, including AsyncRAT, XWorm, and FormBook. The malware leverages steganography, obf…
Category: Threat Intelligence / Malware / Malware
#malware #infostealer #phishing #paloalto #phantomvai
Sonatype’s Q3 2025 report reveals a 140% increase in open-source malware, with over 34,000 new malicious packages identified. The Shai-Hulud worm and npm package hijackings highlight a shift toward hi…
Category: Threat Intelligence / Malware / Open Source Threats
#malware #open-source #supply-chain #npm #sonatype
Reports indicate ‘MonsterV2’ malware propagating through so-called ClickFix campaigns, leveraging deceptive download flows that push users toward trojanized installers. While details are limited due t…
Category: Threat Alerts / Malware & Ransomware / Malvertising & Delivery
#malware #malvertising #clickfix
A practitioner-focused overview from Security Boulevard describes common file types abused for malware delivery: PDF, Word, Excel, PowerPoint, compressed archives, executables, images (steganography),…
Category: Industry News / Research & Tools / Malware Delivery
#malware #documents #cdr #email-security