Malware & Threats Archives

Malware & Threats

Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets

Turla has been using the backdoor against government and military organizations in Ukraine for espionage.

Ionut Arghire20 hours ago

Cybercrime

Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware

Hundreds of C&C servers were disrupted in an operation involving law enforcement and several cybersecurity companies.

Eduard Kovacs3 days ago

Malware & Threats

New ‘Mistic’ RAT Opens Door to Several Ransomware Families

Mistic is used by Woodgnat, an initial access broker working with Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta.

Ionut Arghire3 days ago

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched...

SecurityWeek NewsJune 19, 2026

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution.

Ionut ArghireJune 19, 2026

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs.

Ionut ArghireJune 19, 2026

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame.

Ionut ArghireJune 19, 2026

Malware & Threats

Rokarolla Banking Trojan Targets 200 Applications

The Android malware allows its operators to take control of infected devices and harvest sensitive information.

Eduard KovacsJune 18, 2026

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control.

Ionut ArghireJune 17, 2026

Malware & Threats

Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages

Arch Linux suspended account registrations in response to the wave of malicious packages being uploaded to AUR.

Ionut ArghireJune 16, 2026

Cybercrime

OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month

Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques.

Kevin TownsendJune 11, 2026

Identity & Access

Infostealers Turn Millions of Devices Into Credential Theft Machines

As attackers increasingly favor stolen credentials over exploits, infostealers have become a primary source of access for ransomware and other cybercrime operations.

Kevin TownsendJune 10, 2026

Malware & Threats

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

The most recent variants of the self-propagating attacks are named Miasma and Hades.

Ionut ArghireJune 9, 2026

Cybercrime

Chinese Cybercrime Group in Spotlight for Record Campaign Pace

Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities.

Ionut ArghireJune 4, 2026

Malware & Threats

Hackers Target Global Stock Exchange in Espionage Operation

The attackers had access to a senior executive’s email account for 150 days and exfiltrated data for months.

Eduard KovacsJune 3, 2026

Cybercrime

In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks

Noteworthy stories that might have slipped under the radar: Trump Mobile exposes customer data, phishers target the 2026 FIFA World Cup, CISA responds to...

SecurityWeek NewsMay 29, 2026

Artificial Intelligence

Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks

Researchers warn GreyVibe’s extensive use of ChatGPT, Gemini, and other AI tools offers a glimpse into how future cybercriminal and state-aligned groups will operate.

Kevin TownsendMay 28, 2026

Malware & Threats

New BTMOB Android Malware Enables Full Device Takeover

Delivered via phishing lures, the malware combines financial theft with data exfiltration and remote access.

Ionut ArghireMay 28, 2026

Malware & Threats

GlassWorm Botnet Disrupted

Security firms took down all four command-and-control (C&C) channels used by the GlassWorm malware.

Ionut ArghireMay 27, 2026

Malware & Threats

Iranian APT Targets Aviation, Software Companies With Updated Tools

Nimbus Manticore has continued its operations during and after the US military campaign against Iran.

Ionut ArghireMay 26, 2026

Page 1 of 31112 3 4 5 Next ›Last »

Webinar: Why Email Security Keeps Failing (And What Has to Change)

July 8, 2026

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Virtual Event: 2026 Cloud Security Summit

July 16, 2026

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets

Cybercrime

Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware

Malware & Threats

New ‘Mistic’ RAT Opens Door to Several Ransomware Families

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Malware & Threats

Rokarolla Banking Trojan Targets 200 Applications

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Malware & Threats

Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages

Cybercrime

OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month

Identity & Access

Infostealers Turn Millions of Devices Into Credential Theft Machines

Malware & Threats

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Cybercrime

Chinese Cybercrime Group in Spotlight for Record Campaign Pace

Malware & Threats

Hackers Target Global Stock Exchange in Espionage Operation

Cybercrime

In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks

Artificial Intelligence

Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks

Malware & Threats

New BTMOB Android Malware Enables Full Device Takeover

Malware & Threats

GlassWorm Botnet Disrupted

Malware & Threats

Iranian APT Targets Aviation, Software Companies With Updated Tools

Daily Briefing Newsletter

Trending

Webinar: Why Email Security Keeps Failing (And What Has to Change)

Virtual Event: 2026 Cloud Security Summit

People on the move

Expert Insights

When Information Becomes the Attack Surface – Understanding AI Agent Traps

What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks

No Exploits Required

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

Daily Briefing Newsletter