Malware Archives - Page 11 of 490

Pierluigi Paganini March 31, 2025

Russia-linked Gamaredon targets Ukraine with Remcos RAT

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related […]

Pierluigi Paganini March 31, 2025

CoffeeLoader uses a GPU-based packer to evade detection

CoffeeLoader is a sophisticated malware that uses numerous techniques to bypass security solutions, Zscaler ThreatLabz warns. Zscaler ThreatLabz discovered CoffeeLoader, a malware family active since September 2024, that uses multiple techniques to evade endpoint security while downloading second-stage payloads. The advanced techniques used by the malware include GPU-based packing, call stack spoofing, sleep obfuscation, and […]

Pierluigi Paganini March 30, 2025

CISA warns of RESURGE malware exploiting Ivanti flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE. The malicious code has been used in attacks targeting the flaw CVE-2025-0282 in Ivanti Connect […]

Pierluigi Paganini March 30, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 39

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Microsoft Trusted Signing service abused to code-sign malware Shedding light on the ABYSSWORKER driver VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI Raspberry Robin: Copy […]

Pierluigi Paganini March 30, 2025

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

The Walmart-owned membership warehouse club chain Sam’s Club is investigating claims of a Cl0p ransomware security breach. Sam’s Club is a membership warehouse club chain in the United States, owned by Walmart. Founded in 1983 by Sam Walton, Walmart’s founder, as Sam’s Wholesale Club, it was renamed Sam’s Club in 1990. These stores operate on a bulk […]

Pierluigi Paganini March 29, 2025

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. “Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from […]

Pierluigi Paganini March 28, 2025

Crooks are reviving the Grandoreiro banking trojan

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns. The Trojan has been active since 2016, it initially targeted Brazil but expanded to Mexico, Portugal, and Spain since 2020. Grandoreiro is a modular […]

Pierluigi Paganini March 28, 2025

Russian authorities arrest three suspects behind Mamont Android banking trojan

Russian authorities arrested three suspects for developing Mamont, a newly identified Android banking trojan. Russian authorities arrested three suspects in Saratov for developing Mamont (Russian for mammoth), a recently discovered Android banking trojan. “Three Saratov residents are suspected of fraud and unauthorized access to computer information. Officers from the fraud prevention department of PJSC Sberbank […]

Pierluigi Paganini March 27, 2025

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. Crooks are using DeepSeek as a lure to trap unsuspecting Google searchers. “Unfortunately, we […]

Pierluigi Paganini March 26, 2025

New ReaderUpdate malware variants target macOS users

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. ReaderUpdate is a macOS malware loader that has been active since 2020, the malicious code […]

Malware

Russia-linked Gamaredon targets Ukraine with Remcos RAT

CoffeeLoader uses a GPU-based packer to evade detection

CISA warns of RESURGE malware exploiting Ivanti flaw

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 39

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Crooks are reviving the Grandoreiro banking trojan

Russian authorities arrest three suspects behind Mamont Android banking trojan

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

New ReaderUpdate malware variants target macOS users

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

Critical Sudo bugs expose major Linux distros to local Root exploits

Google fined $314M for misusing idle Android users' data

A flaw in Catwatchful spyware exposed logins of +62,000 users

China-linked group Houken hit French organizations using zero-days

QUICK LINKS

Malware

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!