Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Malware

20 articles

Cyberscoop Malware May 21

Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada

Jacob Butler, a 23-year-old from Ottawa, awaits extradition to the United States and faces up to 10 years in prison. The post Alleged leader of Kimwolf, a sw...

Cyberscoop →

Krebs on Security Malware May 21

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada

Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botne...

Krebs on Security →

Cyberscoop Malware May 21

CISA chief frets about open-source vulnerabilities, delayed security improvements

Acting director Nick Andersen’s comments came as a wave of malware attacks hit tech that’s publicly available for collaboration. The post CISA chief frets ab...

Cyberscoop →

HackRead Malware Microsoft May 21

Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks

Bitdefender researchers reveal how cyberattackers are abusing the built-in Windows MSHTA utility to silently deploy loaders and infostealers.

HackRead →

GBHackers Malware Microsoft May 21

BadIIS Malware Hijacks IIS Servers to Redirect Users to Illicit Sites

A new variant of the BadIIS malware that hijacks Microsoft IIS web servers to redirect users to illicit websites, highlighting an evolving malware-as-a-servi...

T1588

GBHackers →

Wordfence Blog Malware WordPress May 20

How a Webmail Log File Became a Root-Level Backdoor

A forensic breakdown of how an attacker turned CyberPanel's SnappyMail logging into a persistent webshell that survived every WordPress cleanup attempt. The ...

T1190 T1598

Wordfence Blog →

Microsoft Security Blog Malware Microsoft Amazon GitHub Linux Kubernetes May 20

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Compromised @antv npm packages deploy the Mini Shai-Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes durin...

T1078

Microsoft Security Blog →

Infosecurity Magazine Malware May 20

Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem

Mini Shai-Hulud worm hits Alibaba AntV ecosystem in largest npm supply chain wave to date

Infosecurity Magazine →

SC Media Malware Microsoft May 20

Microsoft disrupts Fox Tempest malware-signing service

Fox Tempest operated a platform called signspace[.]cloud, which allowed threat actors to obtain short-lived Microsoft-issued certificates via Artifact Signing.

SC Media →

Fortinet Blog Malware Kubernetes May 20

Misconfigured, Enrolled and Dormant: Anatomy of a P2Pinfect Kubernetes Compromise

FortiGuard Labs analyzed several P2PInfect compromises in GKE clusters, showing how exposed Redis instances can enable persistent botnet enrollment, dormancy...

Fortinet Blog →

Unit 42 Malware May 20

Tracking TamperedChef Clusters via Certificate and Code Reuse

Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets. The post Track...

T1189

Unit 42 →

GBHackers Malware Google Apple May 20

DevilNFC Malware Traps Android Users in NFC Relay Attacks

A newly identified Android malware family named DevilNFC is raising concern among cybersecurity researchers for its advanced use of kiosk mode to trap victim...

T1588

GBHackers →

GBHackers Malware GitHub May 20

Single-Letter Go Module Typosquat Drops DNS-Based Backdoor

A newly uncovered software supply chain attack targeting Go developers demonstrates how a single-character typo can silently introduce a persistent backdoor....

T1195

GBHackers →

The Record Malware May 19

Ukraine says Russia is deploying AI-powered malware on the battlefield

A new report from Ukraine’s National Security and Defense Council says Russia’s use of AI across cyber operations expanded dramatically over the past year, r...

T1204

The Record →

CSO Online Malware GitHub May 19

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, this time targeting the widely-used...

T1195

CSO Online →

Cyberscoop Malware May 19

Mini Shai-Hulud returns, compromising hundreds of npm packages

Another malware wave is washing through open-source software repos, stealing publishing tokens, installing OS‑level backdoors and persisting in developer too...

Cyberscoop →

CSO Online Malware Microsoft Oracle May 19

Internet Explorer may be dead, but its ghost still runs malware

Microsoft’s aging “mshta.exe” utility, a leftover component from Internet Explorer, is still being actively abused in modern malware campaigns years after th...

CSO Online →

GBHackers Malware Google May 19

VoidStealer Malware Targets Chrome Data Despite Built-In Browser Protections

A newly discovered infostealer called VoidStealer is raising concerns after researchers revealed it can bypass Google Chrome’s App-Bound Encryption (ABE), a ...

T1078

GBHackers →

GBHackers Malware May 19

UAC-0184 Uses Bitsadmin and HTA Files to Deliver Gated Malware

UAC-0184 uses a multi‑stage malware chain that abuses bitsadmin and HTA loaders to reach a heavily obfuscated payload bundle, ultimately hiding behind signed...

T1027

GBHackers →

GBHackers Malware Google Apple May 19

macOS Malware Abuses Fake Google Update for Persistence

A newly observed variant of the SHub macOS infostealer, dubbed “Reaper,” is expanding its capabilities with stealthier delivery, enhanced data theft, and a p...

T1041

GBHackers →

«Previous page 1 ... 11 12 13 14 15 ... 20 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA