More results...
The Rhadamanthys Stealer, a highly modular information-stealing virus that was first discovered in 2022, has made a comeback with a clever and dishonest delivery method called ClickFix Captcha. This is a terrifying development for cybersecurity experts…
Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.
Kaspersky experts have discovered a new spyware called Batavia, which steals data from corporate devices.
The North Korean state-sponsored hacker collective Kimsuky has been found to use a dishonest technique called “ClickFix” to compromise victim machines in a number of concerning cyberattacks. First documented by Proofpoint in April 2024, Cli…
A recent threat hunting session has revealed a sophisticated PowerShell script, named y1.ps1, hosted in an open directory on a Chinese server (IP: 123.207.215.76). First detected on June 1, 2025, this script operates as a shellcode loader, employing ad…
The two new variants of the KimJongRAT stealer have emerged, showcasing the persistent and evolving nature of this malicious tool first identified in 2013. Detailed research by Palo Alto Networks’ Unit 42 reveals that these variants, one employing a Po…
A recently uncovered malware campaign has revealed a highly sophisticated, multi-stage infection process utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy remote access trojans (RATs) such as Remcos, LimeRAT, DCRat, and AsyncRAT. D…
A newly discovered remote access trojan (RAT) named CyberEye is making waves in the cybersecurity community for its sophisticated capabilities and its reliance on Telegram, the popular messaging platform, as its command-and-control (C2) infrastructure….
Remote Access Trojans (RATs) like Quasar have been a persistent threat for years, enabling attackers to control infected systems remotely. Recent SANS research has uncovered a new and particularly stealthy Quasar campaign, characterized by strong …
According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.