Malware

Situations Involving Malware

Phishing

PHALT#BLYX Campaign Uses Fake Booking.com Alerts to Deploy DCRat in European Hospitality Attacks

Jan 6, 2026

•

5 min read

PHALT#BLYX Campaign Uses Fake Booking.com Alerts to Deploy DCRat in European Hospitality Attacks

Fake blue screen errors instruct users to execute malicious commands

Crypto

Dec 27, 2025

•

5 min read

Stealka Infostealer Targets Gamers to Steal Cryptocurrency and Accounts

Targets crypto wallets, passwords, and session tokens

Software Vulnerabilities

Malicious npm Package Masquerades as WhatsApp API, Enables Full Account Takeover

Dec 22, 2025

•

5 min read

Malicious npm Package Masquerades as WhatsApp API, Enables Full Account Takeover

Over 56,000 downloads since May 2025

Malware

MacSync Stealer Evolves to Bypass User Interaction on macOS

Dec 22, 2025

•

5 min read

MacSync Stealer Evolves to Bypass User Interaction on macOS

Fake installers masquerade as legitimate messaging software

Android

Dec 21, 2025

•

5 min read

Kimsuky Deploys QR-Based Android Malware in Expanding Mobile Espionage Campaign

Campaign highlights rising mobile espionage risks

Nation State

Infy APT Resurfaces After Years of Silence, Expands Covert Espionage Operations

Dec 21, 2025

•

5 min read

Infy APT Resurfaces After Years of Silence, Expands Covert Espionage Operations

Malware uses cryptographic validation to confirm trusted C2 servers

DOJ

DOJ Indicts 54 in ATM Jackpotting Scheme Linked to Venezuelan Gang Tren de Aragua

Dec 20, 2025

•

5 min read

DOJ Indicts 54 in ATM Jackpotting Scheme Linked to Venezuelan Gang Tren de Aragua

Over $40 million lost in the U.S. since 2021

Software Vulnerabilities

Cracked Software Sites Abused to Deliver Evolving CountLoader Malware

Dec 20, 2025

•

4 min read

Cracked Software Sites Abused to Deliver Evolving CountLoader Malware

Highlights ongoing risks of pirated software

Nation State

China-Linked APT LongNosedGoblin Targets Government Networks Using Group Policy Abuse

Dec 19, 2025

•

5 min read

China-Linked APT LongNosedGoblin Targets Government Networks Using Group Policy Abuse

Tooling overlaps with other China-linked espionage groups.

Android

Dec 17, 2025

•

5 min read

Android RAT “Cellik” Lowers the Barrier to Full-Scale Mobile Espionage

Malware offers full device control and real-time surveillance

Extensions

Dec 17, 2025

•

5 min read

Malicious Firefox Extensions Use Steganography to Deliver Hidden Malware

Malware hidden inside extension icon images

Software Vulnerabilities

Notepad++ Updater Hijack Enables Supply Chain Attacks Against East Asian Organizations

Dec 13, 2025

•

5 min read

Notepad++ Updater Hijack Enables Supply Chain Attacks Against East Asian Organizations

Attacks targeted telecom and financial services organizations

Malware

NANOREMOTE Backdoor Abuses Google Drive API for Stealthy Command-and-Control

Dec 12, 2025

•

5 min read

NANOREMOTE Backdoor Abuses Google Drive API for Stealthy Command-and-Control

Targets align with long-term espionage objectives

Software Vulnerabilities

Malicious VS Code Extensions Steal Developer Data

Dec 9, 2025

•

5 min read

Malicious VS Code Extensions Steal Developer Data

Malware captured screenshots, cookies, WiFi passwords, clipboard data, and more

Android

Dec 8, 2025

•

5 min read

New Android Malware Surge: FvncBot, SeedSnatcher, and an Upgraded ClayRat Expand Mobile Threat Landscape

Threat actors increasingly use modular, custom-built codebases

Nation State

Warp Panda Targets U.S. Organizations With Persistent VMware Malware

Dec 7, 2025

•

5 min read

Warp Panda Targets U.S. Organizations With Persistent VMware Malware

Organizations running VMware infrastructure should treat this campaign as high-risk

Malware

PHALT#BLYX Campaign Uses Fake Booking.com Alerts to Deploy DCRat in European Hospitality Attacks

Stealka Infostealer Targets Gamers to Steal Cryptocurrency and Accounts

Malicious npm Package Masquerades as WhatsApp API, Enables Full Account Takeover

MacSync Stealer Evolves to Bypass User Interaction on macOS

Kimsuky Deploys QR-Based Android Malware in Expanding Mobile Espionage Campaign

Infy APT Resurfaces After Years of Silence, Expands Covert Espionage Operations

DOJ Indicts 54 in ATM Jackpotting Scheme Linked to Venezuelan Gang Tren de Aragua

Cracked Software Sites Abused to Deliver Evolving CountLoader Malware

China-Linked APT LongNosedGoblin Targets Government Networks Using Group Policy Abuse

Android RAT “Cellik” Lowers the Barrier to Full-Scale Mobile Espionage

Malicious Firefox Extensions Use Steganography to Deliver Hidden Malware

Notepad++ Updater Hijack Enables Supply Chain Attacks Against East Asian Organizations

NANOREMOTE Backdoor Abuses Google Drive API for Stealthy Command-and-Control

Malicious VS Code Extensions Steal Developer Data

New Android Malware Surge: FvncBot, SeedSnatcher, and an Upgraded ClayRat Expand Mobile Threat Landscape

Warp Panda Targets U.S. Organizations With Persistent VMware Malware

STAY CONNECTED