Penetration Testing

NOVEMBER 18, 2024

This group used malware-infected video conference... The post North Korean Hackers Target Job Seekers with Malware-Laced Video Apps appeared first on Cybersecurity News. A recent report by Unit 42 researchers uncovers a complex phishing campaign linked to a cluster of North Korean IT workers tracked as CL-STA-0237.

Malware 111

Malware Phishing Cybersecurity 111

Penetration Testing

MAY 12, 2025

CYFIRMA researchers have revealed a new.NET-based information stealer called PupkinStealer, a lightweight but highly targeted malware that The post PupkinStealer: Tiny Malware, Big Theft via Telegram Bot Exposed appeared first on Daily CyberSecurity.

Malware 93

Malware Cybersecurity 93

Penetration Testing

MAY 7, 2025

Lampion, the banking malware first observed in 2019, has reemerged with new tricks. In a detailed analysis, Unit The post Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors appeared first on Daily CyberSecurity.

Malware 94

Malware Banking Cybersecurity 94

Penetration Testing

JUNE 3, 2025

The post Crocodilus Trojan Evolves: Android Malware Goes Global with New Seed Phrase Stealer and Contact Injection appeared first on Daily CyberSecurity.

Malware 101

Malware Cybersecurity Banking Cryptocurrency 101

Penetration Testing

JUNE 3, 2025

Wordfence uncovers a sophisticated WordPress malware disguised as a legitimate plugin, stealing admin credentials & enabling remote code execution.

Malware 95

Malware Cybersecurity 95

Penetration Testing

MAY 14, 2025

The ReversingLabs research team has uncovered yet another software supply chain attack targeting the cryptocurrency ecosystem, this time The post PyPI Malware Alert: Malicious ‘solana-token’ Package Targets Solana Developers appeared first on Daily CyberSecurity.

Malware 92

Malware Cryptocurrency Software Cybersecurity 92

Penetration Testing

MAY 22, 2025

The Wordfence Threat Intelligence Team has uncovered a new and deeply stealthy formjacking malware targeting WooCommerce, the widely-used The post Stealthy Skimmer: New Formjacking Malware Targets WooCommerce Checkouts appeared first on Daily CyberSecurity.

Malware 78

Malware Cybersecurity 78

Penetration Testing

MAY 23, 2025

A new wave of deceptive attacks is weaponizing the trusted Cloudflare brand to deliver Windows-based malware through compromised The post Warning: New Malvertising Campaign Uses Fake Cloudflare Pages to Deliver Malware appeared first on Daily CyberSecurity.

Malware 86

Malware Cybersecurity 86

Penetration Testing

MAY 9, 2025

A new cyberattack is targeting macOS users, with the Atomic Stealer malware being distributed under the guise of The post Atomic Stealer Malware Targets macOS Users with Fake Evernote Crack appeared first on Daily CyberSecurity.

Malware 78

Malware Cybersecurity 78

Penetration Testing

MAY 12, 2025

Palo Alto Networks Unit 42 has uncovered a sophisticated obfuscation technique leveraging steganography to hide malware within bitmap The post Stealth in Pixels: NET Malware Hides Payloads in Bitmap Resources appeared first on Daily CyberSecurity.

Malware 80

Malware Cybersecurity 80

Penetration Testing

MAY 25, 2025

Elastic Security Labs has identified a new malware family dubbed “DOUBLELOADER” that leverages ALCATRAZa game-hacking inspired obfuscatorto deploy The post DOUBLELOADER Malware Uses ALCATRAZ Obfuscator to Evade Detection appeared first on Daily CyberSecurity.

Malware 75

Malware Hacking Cybersecurity 75

Penetration Testing

MAY 19, 2025

In a detailed threat analysis, AhnLab SEcurity intelligence Center (ASEC) has uncovered a deceptive malware campaign involving DBatLoaderalso The post DBatLoader Analysis: Evasive Malware Uses DLL Side-Loading and Anti-Detection Tactics appeared first on Daily CyberSecurity.

Malware 80

Malware Security Intelligence Cybersecurity 80

Penetration Testing

MAY 15, 2025

Zscaler ThreatLabz has uncovered a new and dangerous malware loader dubbed TransferLoader, actively used in the wild since The post TransferLoader Malware Unmasked: IPFS-Enabled Loader Deploys Ransomware and Backdoors with Obfuscation Precision appeared first on Daily CyberSecurity.

Malware 78

Malware Ransomware Cybersecurity 78

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 323

DNS Penetration Testing Malware Hacking 323

Penetration Testing

MAY 13, 2025

In a recent investigation, FortiGuard Labs has exposed a sophisticated phishing campaign distributing the Horabot malware family, a The post Horabot Malware Targets Latin America with Sophisticated Phishing appeared first on Daily CyberSecurity.

Phishing 71

Phishing Malware Cybersecurity 71

Penetration Testing

NOVEMBER 17, 2024

Operated by a Vietnamese-speaking threat actor, this campaign leverages a... The post PXA Stealer: New Malware Targets Governments and Education Across Europe and Asia appeared first on Cybersecurity News.

Education 94

Education Government Malware Cybersecurity 94

Penetration Testing

MAY 25, 2025

Department of Justice (DOJ) has unsealed charges against Russian national Rustam Rafailevich Gallyamov, the alleged architect The post Qakbot Mastermind Indicted: Russian Architect of $50M Malware Empire Charged appeared first on Daily CyberSecurity.

Malware 77

Malware Cybersecurity Cybercrime Ransomware 77

Penetration Testing

MAY 18, 2025

Aidan Leon, cybersecurity practitioner and threat analyst at ZeroDay Labs, has disclosed a sophisticated supply chain attack involving The post RVTools Supply Chain Attack: Bumblebee Malware Delivered via Trusted VMware Utility appeared first on Daily CyberSecurity.

Malware 78

Malware Cybersecurity 78

Penetration Testing

MAY 25, 2025

Threat actors have ramped up a new social engineering campaign, dubbed “ClickFix,” where fake CAPTCHA prompts embedded in The post Deceptive CAPTCHA: ClickFix Campaign Uses Clipboard Injection to Deliver Malware appeared first on Daily CyberSecurity.

Social Engineering 71

Social Engineering Malware Engineering Cybersecurity 71

Penetration Testing

APRIL 6, 2025

The threat actors are deploying new npm packages that deliver the previously identified BeaverTail malware and are introducing new packages with remote access trojan (RAT) loader […] The post Lazarus Group Expands Malicious Campaign on npm, Targets Developers with New Malware appeared first on Daily CyberSecurity.

Malware 76

Malware Cybersecurity 76

Penetration Testing

MAY 28, 2025

A newly analyzed variant of the Katz Stealer malware has been dissected by the Nextron Threat Research Team, The post Beware Katz Stealer: Sophisticated Malware-as-a-Service Steals Everything appeared first on Daily CyberSecurity.

Malware 64

Malware Cybersecurity Cryptocurrency 64

IT Security Guru

JANUARY 30, 2025

Malware Infections Malware is simply dangerous programs installed on devices through suspicious downloads or links. Ransomware This is malware that locks a platforms systems or personal files until a ransom is paid to regain access.

Cyber Risk 95

Cyber Risk Risk Penetration Testing Accountability 95

Penetration Testing

APRIL 3, 2025

The The post CVE-2025-22457: UNC5221 Exploits Ivanti Zero-Day Flaw to Deploy TRAILBLAZE and BRUSHFIRE Malware appeared first on Daily CyberSecurity. Ivanti has recently disclosed a critical security vulnerability, identified as CVE-2025-22457, affecting several of its widely-used products.

Malware 84

Malware Cybersecurity VPN 84

Penetration Testing

MAY 18, 2025

Recently, WithSecures Threat Intelligence team uncovered a sophisticated malware campaign where the open-source password manager KeePass was trojanised The post Trojanized KeePass Used to Deploy Cobalt Strike and Steal Credentials appeared first on Daily CyberSecurity.

Password Management 138

Password Management Passwords Malware Cybersecurity 138

Penetration Testing

MAY 23, 2025

Department of Justice has unsealed charges against 16 individuals allegedly behind the DanaBot malware operation, a The post DanaBot Takedown: 16 Indicted for $50M Malware Operation appeared first on Daily CyberSecurity.

Malware 60

Malware Cybersecurity Cybercrime Ransomware 60

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 353

Cybercrime Malware VPN Ransomware 353

Penetration Testing

DECEMBER 16, 2024

Unit 42 has uncovered HeartCrypt, a Packer-as-a-Service (PaaS) designed to protect malware from detection. Since its launch in February 2024, HeartCrypt has rapidly become a popular choice among cybercriminals, packing... The post HeartCrypt: A Packer-as-a-Service Fueling Malware Campaigns appeared first on Cybersecurity News.

Malware 60

Malware Cybersecurity 60

Penetration Testing

MAY 7, 2025

In a concerning escalation of cyber-espionage activity, Google’s Threat Intelligence Group (GTIG) has revealed the emergence of a The post Google Uncovers LOSTKEYS Malware Used by Russian COLDRIVER for Cyber Espionage appeared first on Daily CyberSecurity.

Malware 67

Malware Cybersecurity 67

Penetration Testing

NOVEMBER 4, 2024

In a recent report by the National Cyber Security Centre (NCSC), analysts detailed a new malware threat targeting network devices, dubbed “Pygmy Goat.” This backdoor malware, discovered on Sophos XG... The post Pygmy Goat Malware: A Sophisticated Network Device Backdoor Targets Firewalls appeared first on Cybersecurity News.

Firewall 70

Firewall Malware Cybersecurity 70

Penetration Testing

NOVEMBER 3, 2024

This campaign, discovered on October 31, 2024, aims to... The post Typosquat Campaign Targets Puppeteer Users: Researcher Warns of Malware in npm Packages appeared first on Cybersecurity News.

Malware 70

Malware Cryptocurrency Cybersecurity 70

The Last Watchdog

MARCH 24, 2025

eWPTX – a highly respected certification that is 100% practical and validates the advanced skills necessary to conduct in-depth penetration tests on modern web applications. For example, network defense and malware analysis labs show engineers how to contain ransomware outbreaks.

Healthcare 113

Healthcare Penetration Testing Education Cyber threats 113

Penetration Testing

DECEMBER 20, 2024

Wiz Threat Research revealed a new malware campaign orchestrated by the Romanian-speaking threat group Diicot, also known as Mexals.

Malware 60

Malware Cybersecurity 60

Penetration Testing

DECEMBER 21, 2024

Kaspersky has uncovered a fresh variant of the BellaCiao malware familyBellaCPPmarking a shift from.NET to C++ in its development. First appearing in April 2023, BellaCiao is a.NET-based malware... The post From.NET to C++: BellaCiao Malware Evolves with BellaCPP appeared first on Cybersecurity News.

Malware 67

Malware Cybersecurity 67

Penetration Testing

NOVEMBER 10, 2024

Kaspersky Labs has unveiled an advanced malware framework, QSC, reportedly deployed by the CloudComputating group (also known as BackdoorDiplomacy).

Malware 60

Malware Architecture Cybersecurity 60

Penetration Testing

MAY 28, 2025

A recent investigation by The post Warning: Thousands of Ads Promote Fake AI Video Tools Distributing Malware appeared first on Daily CyberSecurity. As artificial intelligence tools rise in popularity, so too does their abuse by cybercriminals.

Artificial Intelligence 60

Artificial Intelligence Malware Cybersecurity Social Engineering 60

Penetration Testing

APRIL 27, 2025

Threat analysts at Silent Push have uncovered a new campaign orchestrated by the North Korean state-sponsored APT group, The post North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio appeared first on Daily CyberSecurity.

Malware 78

Malware Cybersecurity Social Engineering Cyber Attacks 78

Penetration Testing

APRIL 30, 2025

Researchers at Palo Alto Networks Unit 42 have unveiled a new, actively developed malware strain dubbed Gremlin Stealer, The post Gremlin Stealer Malware Targets Browsers, Crypto Wallets, and VPNs in Telegram-Based Campaign appeared first on Daily CyberSecurity.

Malware 70

Malware Cybersecurity VPN Cryptocurrency 70