Malware & Threats Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched...

SecurityWeek News2 days ago

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution.

Ionut Arghire2 days ago

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs.

Ionut Arghire2 days ago

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame.

Ionut Arghire2 days ago

Malware & Threats

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries

Palo Alto Networks has not attributed the APT activity to any specific country, but evidence points to China.

Eduard KovacsFebruary 5, 2026

Malware & Threats

Critical React Native Vulnerability Exploited in the Wild

Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware.

Ionut ArghireFebruary 3, 2026

Malware & Threats

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability

The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler.

Eduard KovacsFebruary 3, 2026

Malware & Threats

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A hacker published malicious versions of four established VS Code extensions to distribute a GlassWorm malware loader.

Ionut ArghireFebruary 2, 2026

Malware & Threats

Cyber Insights 2026: Malware and Cyberattacks in the Age of AI

Security leaders share how artificial intelligence is changing malware, ransomware, and identity-led intrusions, and how defenses must evolve.

Kevin TownsendFebruary 2, 2026

Malware & Threats

Over 1,400 MongoDB Databases Ransacked by Threat Actor

Of 3,100 unprotected MongoDB instances, half remain compromised, most of them by a single threat actor.

Ionut ArghireFebruary 2, 2026

Malware & Threats

eScan Antivirus Delivers Malware in Supply Chain Attack

Hackers compromised a MicroWorld Technologies update server and fed a malicious file to eScan customers.

Ionut ArghireJanuary 31, 2026

Malware & Threats

Hugging Face Abused to Deploy Android RAT

Android users were lured to applications that served a malicious payload hosted in a Hugging Face repository.

Ionut ArghireJanuary 30, 2026

Artificial Intelligence

LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’

An LLMjacking operation has been targeting exposed LLMs and MCPs at scale, for commercial monetization.

Ionut ArghireJanuary 29, 2026

Malware & Threats

Google Disrupts IPIDEA Proxy Network

One of the largest residential proxy networks, IPIDEA enrolled devices through SDKs for mobile and desktop.

Ionut ArghireJanuary 29, 2026

Malware & Threats

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025.

Ionut ArghireJanuary 28, 2026

Artificial Intelligence

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

Marketed as ChatGPT enhancement and productivity tools, the extensions allow the threat actor to access the victim's ChatGPT data.

Ionut ArghireJanuary 27, 2026

Malware & Threats

‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing

Priced $2,000 - $6,000 on a cybercrime forum, the MaaS toolkit promises publication on the Chrome Web Store.

Ionut ArghireJanuary 26, 2026

ICS/OT

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid

10 years after disrupting the Ukrainian power grid, the APT targeted Poland with data-wiping malware.

Ionut ArghireJanuary 26, 2026

Malware & Threats

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

The hackers trick victims into accessing GitHub or GitLab repositories that are opened using Visual Studio Code.

Ionut ArghireJanuary 21, 2026

Malware & Threats

APT-Grade PDFSider Malware Used by Ransomware Groups

Providing cyberespionage and remote code execution capabilities, the malware is executed via DLL sideloading.

Ionut ArghireJanuary 20, 2026

Malware & Threats

‘SolyxImmortal’ Information Stealer Emerges

The information stealer abuses legitimate APIs and libraries to exfiltrate data to Discord webhooks.

Ionut ArghireJanuary 19, 2026

Malware & Threats

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

Posing as an ad blocker, the malicious extension crashes the browser to lure victims into installing malware.

Ionut ArghireJanuary 19, 2026

Malware & Threats

VoidLink Linux Malware Framework Targets Cloud Environments

Designed for long-term access, the framework targets cloud and container environments with loaders, implants, and rootkits.

Ionut ArghireJanuary 15, 2026

Malware & Threats

Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits

The Predator spyware is more sophisticated and dangerous than previously realized.

Kevin TownsendJanuary 14, 2026

Page 6 of 311« First ‹ Previous 2 3 4 567 8 9 10 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Malware & Threats

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries

Malware & Threats

Critical React Native Vulnerability Exploited in the Wild

Malware & Threats

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability

Malware & Threats

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

Malware & Threats

Cyber Insights 2026: Malware and Cyberattacks in the Age of AI

Malware & Threats

Over 1,400 MongoDB Databases Ransacked by Threat Actor

Malware & Threats

eScan Antivirus Delivers Malware in Supply Chain Attack

Malware & Threats

Hugging Face Abused to Deploy Android RAT

Artificial Intelligence

LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’

Malware & Threats

Google Disrupts IPIDEA Proxy Network

Malware & Threats

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

Artificial Intelligence

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

Malware & Threats

‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing

ICS/OT

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid

Malware & Threats

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

Malware & Threats

APT-Grade PDFSider Malware Used by Ransomware Groups

Malware & Threats

‘SolyxImmortal’ Information Stealer Emerges

Malware & Threats

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

Malware & Threats

VoidLink Linux Malware Framework Targets Cloud Environments

Malware & Threats

Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

No Exploits Required

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Raising the Cybersecurity Stakes: Ante up for the Agentic Era

Daily Briefing Newsletter