A sophisticated Python-based Remote Access Trojan (RAT) leveraging Discord as its command and control infrastructure has been identified targeting users worldwide. This malware enables attackers to execute arbitrary system commands, capture screenshots, and most critically, steal saved login credentials from…
Tag: Cyber Security News
Russian Hackers Mimic as CIA to Steal Ukraine Defense Intelligence Data
In a sophisticated cyber espionage campaign recently uncovered, Russian hackers have been impersonating the U.S. Central Intelligence Agency (CIA) and other organizations to harvest sensitive information from Ukrainian sympathizers and potential Russian defectors. The operation utilizes carefully crafted phishing websites…
PJobRAT Android RAT as Dating & Instant Messaging Apps Attacking Military Personnel
PJobRAT, an Android Remote Access Trojan (RAT) first observed in 2019, has recently resurfaced with enhanced capabilities and a refined targeting strategy. The malware, initially documented targeting Indian military personnel in 2021, has evolved to compromise users in Taiwan through…
SHELBY Malware Steal Data Abusing GitHub for Command-and-control Server
A sophisticated new data theft malware strain dubbed “SHELBY” has emerged in the cybersecurity landscape, targeting primarily financial institutions and healthcare organizations across North America and Europe. The malware employs a multi-stage infection process that begins with phishing emails containing…
Threat Actors Hacked 150,000 Sites to Link Chinese Gambling Sites
A massive website hijacking campaign has been uncovered, affecting approximately 150,000 websites with malicious full-page redirects to Chinese gambling platforms. The attack, which first emerged in February 2025 targeting around 35,000 sites, has rapidly expanded its reach, demonstrating the threat…
RansomHub’s EDRKillShifter Link With Other Well-Established Ransomware Gang’s – New Research
RansomHub emerged in February 2024, just as Operation Cronos dismantled major ransomware players BlackCat and LockBit. This new ransomware-as-a-service operation quickly attracted affiliates with generous terms—keeping 90% of ransom payments and offering direct wallet transfers. By July 2024, RansomHub had…
New FamousSparrow Malware Attacking Hotels & Engineering Companies to New Backdoor
In a recent discovery, cybersecurity experts have identified renewed activity from FamousSparrow, a China-aligned APT group previously thought to be inactive since 2022. The threat actor has resurfaced with two previously undocumented versions of its signature backdoor, SparrowDoor, targeting organizations…
PlayBoy Locker Ransomware Attacking Windows, NAS and ESXi Operating Systems
A new ransomware variant known as PlayBoy Locker has emerged, targeting multiple operating systems including Windows, NAS, and ESXi. First discovered in September 2024, this malware initially operated as a Ransomware-as-a-Service (RaaS) platform, offering cybercriminals a versatile tool for their…
Hackers Abuse MailChimp Email Marketing Platform via Phishing, and Social Engineering Tactics
Hackers have launched sophisticated attacks targeting MailChimp, one of the most widely used email marketing platforms. These attacks leverage advanced phishing techniques and social engineering tactics to gain unauthorized access to corporate MailChimp accounts, potentially exposing sensitive subscriber data and…
Redcurl Actors New Ransomware Exclusively Attacking Hyper-V Servers
A new ransomware strain has been discovered targeting virtualized environments, specifically Microsoft Hyper-V servers. This targeted approach marks a significant evolution in ransomware tactics, as the malware focuses exclusively on hypervisors rather than encrypting all endpoint devices, creating maximum damage…