Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Malware

20 articles

GBHackers Malware Jun 11

GoFlateLoader Hides Infostealers in Massive PE Overlay

GoFlateLoader, a widespread Golang loader that has become a go-to delivery mechanism for multiple infostealers including Lumma, Vidar, StealC, Amatera and Re...

T1027 T1598

GBHackers →

SecurityWeek Malware Jun 11

Siemens Says Desigo CC Files Flagged as Malware by Security Engines

A PowerShell script included in patch files appears to be triggering false positives by multiple security engines. The post Siemens Says Desigo CC Files Flag...

SecurityWeek →

GBHackers Malware Apple SAP Jun 11

Weaponized DMG Files Deliver macOS Infostealer Malware

A recent surge in macOS-targeted campaigns shows threat actors favoring weaponized disk images (.dmg) as the primary delivery mechanism for infostealer malware.

GBHackers →

GBHackers Malware Microsoft Jun 11

BLUERABBIT Backdoor Encrypts Files, Wipes Windows Systems

A new Golang-based backdoor dubbed BLUERABBIT has been observed performing combined data theft, file encryption and destructive disk wiping against Windows h...

T1041 T1486

GBHackers →

GBHackers Malware Jun 11

Hackers Use Residential Proxies Networks to Evade Detection

The impact of residential proxies across our customer base by compiling billions of DNS resolutions and the associated network telemetry. The Kimwolf Botnet ...

GBHackers →

Security Affairs Malware Jun 11

JDY Botnet Evolves After KV Takedown, Targets Military Networks

JDY botnet scans SOHO/IoT devices globally to map services and targets, especially US military networks. Lumen’s Black Lotus Labs reported the resurgence of ...

T1592

Security Affairs →

GBHackers Malware VMware Jun 11

Hackers Abuse VMware-Signed Binary to Deploy NIGHTFORGE Loader

Two closely related espionage campaigns targeting Cambodian government organizations that abuse a legitimate VMware-signed binary to sideload a custom loader...

GBHackers →

Help Net Security Malware Microsoft Jun 11

Prompt injection still drives most agentic AI security failures in production

A backdoor sat on PyPI for three hours in March 2026. Nearly 47,000 downloads occurred during the window.

Help Net Security →

SC Media Malware Jun 10

JDY botnet expands, enabling rapid exploitation of disclosed vulnerabilities

Initially flagged as part of the KV-botnet, JDY has evolved into an independent reconnaissance capability following the U.S.

T1592

SC Media →

SC Media Malware Microsoft Jun 10

Scammers use short videos on social media to spread Vidar infostealer

This new attack method involves creating seemingly helpful tutorial videos that promise free access to premium applications such as Spotify Premium or Micros...

SC Media →

Graham Cluley Malware Jun 10

Smashing Security podcast #471: This AI worm just rewrote its own rules

Researchers at the University of Toronto have built a worm that thinks for itself. Using free off-the-shelf AI models it works out how to break into each new...

Graham Cluley →

The Hacker News Malware Jun 10

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance

Cybersecurity researchers have warned of a "resurgence and expansion" of JDY, a covert network associated with China-nexus state-sponsored threat actors.

T1592

The Hacker News →

Infosecurity Magazine Malware Jun 10

New SilabRAT Trojan Hijacks Sessions to Steal Crypto

MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto

Infosecurity Magazine →

BleepingComputer Malware Jun 10

China-linked JDY botnet expands targeting of U.S. military networks

The JDY botnet, a malware network previously associated with Chinese threat actors like Volt Typhoon, has significantly expanded its targeting scope and reco...

T1592

BleepingComputer →

Security Affairs Malware Microsoft Linux Intel Jun 10

“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT...

Security Affairs →

Help Net Security Malware Jun 10

Every set of AI guardrails can be broken by the right prompt

Companies that build AI systems wrap them in guardrails meant to block harmful output, including deepfakes, malware, and instructions for making biological w...

Help Net Security →

Security Affairs Malware Microsoft GitHub Jun 9

Miasma Worm Compromises 73 Microsoft GitHub Repositories

The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self...

Security Affairs →

BleepingComputer Malware Microsoft GitHub Jun 9

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pi...

BleepingComputer →

GBHackers Malware Google Jun 9

MagicAd Android Malware Bypasses Restrictions to Flood Devices With Ads

Android.MagicAd, a stealthy Android trojan family that circumvents operating-system safeguards to push intrusive ads from the background.

GBHackers →

The Hacker News Malware Jun 9

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language mode...

The Hacker News →

«Previous page 1 ... 6 7 8 9 10 ... 20 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA