Kaspersky’s SecureList reveals GhostContainer, a new, highly customized backdoor targeting government and high-tech organizations in Asia via Exchange server vulnerabilities. Learn how this APT malware operates and how to stay protected.
Trellix exposes SquidLoader malware targeting Hong Kong, Singapore, and Australia’s financial service institutions. Learn about its advanced evasion tactics and stealthy attacks.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape KongTuke FileFix Leads to New Interlock RAT Variant Code highlighting with Cursor AI for $500,000 Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader Threat Analysis: SquidLoader – Still Swimming Under the […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release Authorities released free decryptor for Phobos and […]
Japanese police released a free decryptor for Phobos and 8Base ransomware, letting victims recover files without paying ransom. Japanese authorities released a free decryptor for Phobos and 8Base ransomware, allowing victims to recover files without paying. Japanese police released the free decryptor for ransomware families, which was likely built using intel from a recent gang […]
A sophisticated threat actor, dubbed “SilverFox,” has been orchestrating a large-scale malware distribution campaign since at least June 2023, primarily during Chinese time zone working hours. This operation focuses on Chinese-speaking indi…
The Chinese have a new tool called Massistant.
- Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico.
- The forensics tool works in tandem with a corresponding desktop software.
- Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and phone services.
- Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel…
Cryptominer campaign runs for years using legit sites to spread malware, targeting Linux systems through known bugs and avoiding detection.
Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma Stealer. This method, which emerged prominently in recent months, tricks users into …
LameHug malware uses AI to create data-theft commands on infected Windows systems. Ukraine links it to the Russia-nexus APT28 group. Ukrainian CERT-UA warns of a new malware strain dubbed LameHug that uses a large language model (LLM) to generate commands to be executed on compromised Windows systems. Ukrainian experts attribute the malware to the Russia-linked […]