Malware & Threats Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Cybercrime

OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month

Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques.

Kevin Townsend4 days ago

Identity & Access

Infostealers Turn Millions of Devices Into Credential Theft Machines

As attackers increasingly favor stolen credentials over exploits, infostealers have become a primary source of access for ransomware and other cybercrime operations.

Kevin Townsend5 days ago

Malware & Threats

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

The most recent variants of the self-propagating attacks are named Miasma and Hades.

Ionut Arghire6 days ago

Cybercrime

Chinese Cybercrime Group in Spotlight for Record Campaign Pace

Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities.

Ionut ArghireJune 4, 2026

Malware & Threats

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser.

Ionut ArghireMarch 19, 2026

Malware & Threats

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach

The medtech giant has been working on restoring systems affected by the cyberattack conducted by the Handala hackers.

Eduard KovacsMarch 18, 2026

Malware & Threats

174 Vulnerabilities Targeted by RondoDox Botnet

The botnet has increased its activity, peaking at 15,000 exploitation attempts per day, and taking a more targeted approach.

Ionut ArghireMarch 17, 2026

Malware & Threats

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Storm-2561 is distributing fake VPN clients through SEO poisoning, deploying trojans, and stealing login information.

Ionut ArghireMarch 16, 2026

Malware & Threats

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign.

Ionut ArghireMarch 16, 2026

Malware & Threats

In Other News: N8n Flaw Exploited, Slopoly Malware, Interpol Cybercrime Crackdown

Other noteworthy stories that might have slipped under the radar: Telus Digital data breach, vulnerabilities in Linux AppArmor allow root privileges, US defense contractor...

SecurityWeek NewsMarch 13, 2026

Cybercrime

Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet

Law enforcement agencies in the US and Europe targeted the cybercrime service that has impacted 360,000 devices since 2020.

Eduard KovacsMarch 13, 2026

Cybercrime

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

The 2024 incident was initially linked to China, but an infostealer infection has now revealed North Korean involvement.

Eduard KovacsMarch 12, 2026

Endpoint Security

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration.

Kevin TownsendMarch 11, 2026

Malware & Threats

ClickFix Attack Uses Windows Terminal to Evade Detection

Fake CAPTCHA pages instruct victims to paste malicious commands in the Windows Terminal instead of the Run dialog.

Ionut ArghireMarch 9, 2026

Malware & Threats

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

Threat actors replace legitimate commands on the cloned installation webpages with malicious commands.

Ionut ArghireMarch 9, 2026

Malware & Threats

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

The malware targets browser and cryptocurrency wallet data, along with system information and user files.

Ionut ArghireMarch 7, 2026

Malware & Threats

How Pirated Software Turns Helpful Employees Into Malware Delivery Agents

Employees seeking free versions of paid software may unknowingly install malware-laced “cracked” apps that can steal credentials, deploy cryptominers, or open the door to...

Kevin TownsendMarch 4, 2026

Malware & Threats

North Korean APT Targets Air-Gapped Systems in Recent Campaign

Using Windows shortcut files, the APT deployed a new implant, a loader, a propagation tool, and two backdoors.

Ionut ArghireMarch 2, 2026

Malware & Threats

In Other News: ATT&CK Advisory Council, Russian Cyberattacks Aid Missile Strikes, Predator Bypasses iOS Indicators

Other noteworthy stories that might have slipped under the radar: cyber valuations surge, OpenAI disrupts malicious AI use, ShinyHunters claims Odido breach.

SecurityWeek NewsFebruary 27, 2026

Malware & Threats

Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience

Aeternum operates on smart contracts, making its command-and-control (C&C) infrastructure difficult to disrupt.

Ionut ArghireFebruary 27, 2026

Malware & Threats

Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers

Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges.

Ionut ArghireFebruary 26, 2026

Malware & Threats

Google Disrupts Chinese Hackers Targeting Telecoms, Governments

The UNC2814 threat actor has been active since at least 2017, targeting organizations across 42 countries.

Eduard KovacsFebruary 25, 2026

Malware & Threats

‘Arkanix Stealer’ Malware Disappears Shortly After Debut

Written in C++ and Python, the malware exfiltrates system information, browser data, and steals files.

Ionut ArghireFebruary 24, 2026

Malware & Threats

New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM

The malicious code propagates like a worm, poisons AI assistants, exfiltrates secrets, and contains a destructive dead switch.

Ionut ArghireFebruary 24, 2026

Page 4 of 311‹ Previous 1 2 345 6 7 8 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Cybercrime

OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month

Identity & Access

Infostealers Turn Millions of Devices Into Credential Theft Machines

Malware & Threats

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Cybercrime

Chinese Cybercrime Group in Spotlight for Record Campaign Pace

Malware & Threats

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Malware & Threats

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach

Malware & Threats

174 Vulnerabilities Targeted by RondoDox Botnet

Malware & Threats

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Malware & Threats

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Malware & Threats

In Other News: N8n Flaw Exploited, Slopoly Malware, Interpol Cybercrime Crackdown

Cybercrime

Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet

Cybercrime

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

Endpoint Security

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

Malware & Threats

ClickFix Attack Uses Windows Terminal to Evade Detection

Malware & Threats

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

Malware & Threats

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

Malware & Threats

How Pirated Software Turns Helpful Employees Into Malware Delivery Agents

Malware & Threats

North Korean APT Targets Air-Gapped Systems in Recent Campaign

Malware & Threats

In Other News: ATT&CK Advisory Council, Russian Cyberattacks Aid Missile Strikes, Predator Bypasses iOS Indicators

Malware & Threats

Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience

Malware & Threats

Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers

Malware & Threats

Google Disrupts Chinese Hackers Targeting Telecoms, Governments

Malware & Threats

‘Arkanix Stealer’ Malware Disappears Shortly After Debut

Malware & Threats

New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Raising the Cybersecurity Stakes: Ante up for the Agentic Era

Caught Off Guard: Securing AI After It Hits Production

Daily Briefing Newsletter