Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT
The threat actor known as Dragon Breath has been observed making use…
Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive
Nov 03, 2025Ravie LakshmananCryptocurrency / Threat Intelligence Cybersecurity researchers have flagged a…
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
The threat actors behind a malware family known as Winos 4.0 (aka…
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Oct 10, 2025Ravie LakshmananRansomware / Data Theft Cybersecurity researchers have disclosed details…
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks
Sep 27, 2025Ravie LakshmananMalware / Network Security Telecommunications and manufacturing sectors in…
TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks
The threat actor known as TA558 has been attributed to a fresh…
HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks
Chinese-speaking users are the target of a search engine optimization (SEO) poisoning…
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple…
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations
The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader…