Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Malware

20 articles

GBHackers Malware May 19

Compromised Nx Console VS Code Extension Steals Developer and Cloud Secrets

Nx Console’s popular VS Code extension was briefly weaponized into a credential-stealing tool that can leak developer and cloud secrets and plant a persisten...

GBHackers →

HackRead Malware Microsoft Apple May 18

New Reaper Malware Uses Fake Microsoft Domain to Steal macOS Passwords

The newly discovered Reaper malware bypasses Apple's macOS Tahoe 26.4 security updates to steal passwords, crypto assets, and install a permanent backdoor.

HackRead →

SC Media Malware May 18

REMUS infostealer evolves into sophisticated malware-as-a-service platform

Flare's analysis of 128 posts between February and May 2026 reveals REMUS's aggressive development cycle, mirroring structured software businesses.

T1588

SC Media →

SC Media Malware May 18

Turla group evolves Kazuar backdoor into modular P2P botnet

Turla, also known as Secret Blizzard and linked to Russia's FSB, has re-engineered its Kazuar .NET backdoor, first used in 2017, into a modular botnet.

SC Media →

SentinelOne Blog Malware Microsoft Google Apple May 18

SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain

SHub Reaper bypasses Apple's Terminal mitigation, steals credentials and documents, and plants a persistent backdoor for continued access after infection.

SentinelOne Blog →

SecurityWeek Malware Amazon May 18

‘Claw Chain’ OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery

Four vulnerabilities in OpenClaw can be chained together to steal credentials, escape the sandbox, and plant persistent backdoors. The post ‘Claw Chain’ Open...

SecurityWeek →

Kaspersky Securelist Malware Microsoft Apple May 18

IT threat evolution in Q1 2026. Non-mobile statistics

The report presents key trends and statistics on malware that targeted personal computers running Windows and macOS, as well as Internet of Things (IoT) devi...

Kaspersky Securelist →

The Hacker News Malware Apple May 18

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-...

The Hacker News →

GBHackers Malware May 18

OtterCookie Malware Steals Dev Secrets, SSH Keys, Cloud Credentials, and Tokens

A newly analyzed malware strain, OtterCookie, is emerging as a serious threat to developers, quietly harvesting sensitive data from active workstations in re...

GBHackers →

GBHackers Malware May 18

Fast16 Malware Sabotages Nuclear Test Simulations by Altering Data

A newly analyzed cyber-espionage framework called Fast16 has revealed one of the most precise and covert sabotage operations ever uncovered targeting nuclear...

GBHackers →

The Hacker News Malware Broadcom May 18

Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations

A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing simulations. A...

The Hacker News →

BleepingComputer Malware May 16

Russian hackers turn Kazuar backdoor into modular P2P botnet

The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed for long-term persi...

BleepingComputer →

GBHackers Malware Microsoft Linux May 16

JDownloader Website Hack Exposes Windows and Linux Users to Malicious Installers

A popular open-source download manager trusted by millions suddenly became a malware delivery platform after attackers compromised its official website, repl...

T1598

GBHackers →

SC Media Malware May 15

Hackers use PyInstaller to hide XWorm malware

The attack begins with deceptive emails or fake software updates containing a seemingly harmless file.

SC Media →

CSO Online Malware May 15

Expired domain leads to supply chain attack on node-ipc npm package

A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The root caus...

T1195

CSO Online →

BleepingComputer Malware May 15

Popular node-ipc npm package compromised to steal credentials

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply c...

T1195

BleepingComputer →

The Hacker News Malware May 15

Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineere...

The Hacker News →

HackRead Malware Microsoft May 15

Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4

Hackers are hiding XWorm malware in PyInstaller files to bypass Windows security, steal data and remotely control devices through ads.

HackRead →

BleepingComputer Malware May 15

Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution

Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the REMUS infostealer evolved around s...

T1598

BleepingComputer →

The Hacker News Malware May 15

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface

In Your Biggest Security Risk Isn't Malware — It's What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations n...

The Hacker News →

«Previous page 1 ... 12 13 14 15 16 ... 20 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA