The Financialization of Cybercrime
Cybercrime is no longer a collection of isolated hackers hiding in dark basements - it has become a global, professionalized economy. Today's attackers don't just write malware; they sell, lease, and market...
submitted by /u/digicat
Hey everyone, I'm currently working as a software developer, but my long-term goal is to move into Red Teaming, focusing on malware development and adversary emulation. I've started self-learning cybersecurity concepts and am now planning to take the CPTS certification (from Hack The Box). My plan is to build a strong foundation in penetration testing and then slowly move toward red team operations and maldev. My questions: Is CPTS a good starting point for someone with a dev background? After...
submitted by /u/digicat
I've been trying to give forensics a shot, to become an SME for IR, specifically for Malware Analysis and Reverse Engineering. So I got an Immersive Labs license for L3, which included the major stuff associated with Forensics and IR, but I've been consistently struggling and, to put it in simple words, my brain is melting trying to do something I'm not able to enjoy. I've been consistent for 3 weeks, spending 7-8 hours on weekends trying to wrap my head around the techniques, but in Malware Analysis my...
A sophisticated backdoor named Android.Backdoor.Baohuo.1.origin has been discovered in maliciously modified versions of Telegram X messenger, granting attackers complete control over victims' accounts while operating undetected. The malware infiltrates devices through deceptive in-app advertisements and third-party app stores, masquerading as legitimate dating and communication platforms. With more than 58,000 infected devices spread across approximately 3,000
Cybercriminals have adopted a sophisticated social engineering strategy that exploits the trust inherent in job hunting, according to a recent security advisory. A financially motivated threat cluster operating from Vietnam has been targeting digital advertising and marketing professionals through fake job postings on legitimate employment platforms and custom-built recruitment websites. The campaign, which leverages remote
North Korean state-sponsored hackers from the Lazarus APT group launched a cyberespionage campaign targeting European companies involved in unmanned aerial vehicle development. Starting in late March 2025, attackers compromised three defense organizations across Central and Southeastern Europe, deploying advanced malware to steal proprietary UAV technology. The campaign, tracked as Operation DreamJob, employed social engineering using
The cybersecurity landscape has entered an unprecedented era of sophistication with the emergence of AI-powered ransomware attacks. Recent research from MIT Sloan and Safe Security reveals a shocking statistic: 80% of ransomware attacks now utilize artificial intelligence. This represents a fundamental shift from traditional malware operations to autonomous, adaptive threats that can evolve in real-time
A sophisticated malware distribution campaign leveraging over 3,000 malicious YouTube videos has been uncovered, targeting users seeking pirated software and game cheats. The YouTube Ghost Network represents a coordinated ecosystem of compromised accounts that exploit platform features to distribute information-stealing malware while creating false trust through fabricated engagement. Active since 2021, the network has dramatically
submitted by /u/digicat
A sophisticated malware operation has emerged from Brazil, leveraging advanced steganographic techniques to conceal malicious payloads within seemingly harmless image files. The Caminho loader, active since at least March 2025, represents a growing threat to organizations across South America, Africa, and Eastern Europe, delivering diverse malware families including REMCOS RAT, XWorm, and Katz Stealer through
A sophisticated malware campaign targeting WordPress sites has emerged, utilizing PHP variable functions and cookie-based obfuscation to evade traditional security detection mechanisms. The attack represents an evolution in obfuscation techniques, where threat actors fragment malicious code across multiple HTTP cookies and dynamically reconstruct executable functions at runtime. This approach makes static analysis significantly more challenging,
A sophisticated Python-based remote access trojan has emerged in the gaming community, disguising itself as a legitimate Minecraft client to compromise unsuspecting users. The malware, identified as a multi-function RAT, leverages the Telegram Bot API as its command and control infrastructure, enabling attackers to exfiltrate stolen data and remotely interact with victim machines. By masquerading
Is binary exploitation still worth it? The thing is, I want to be something like a full-stack hacker. I finished my foundation [C, bash, python, networking & OS]; now I want to start cyber-security. I saw that binary exploitation, reverse engineering & malware development would go well together, but seeing the posts and opinions on YouTube, a lot of people consider binary exploitation irrelevant lately. What are your opinions? Is there any better path that I don't know about that may be more...
The SideWinder advanced persistent threat group has emerged with a sophisticated new attack methodology that leverages ClickOnce applications to deploy StealerBot malware against diplomatic and governmental targets across South Asia. In September 2025, security researchers detected a targeted campaign affecting institutions in Sri Lanka, Pakistan, Bangladesh, and diplomatic missions based in India. The attacks represent
The Advanced Persistent Threat group MuddyWater, widely recognized as an Iran-linked espionage actor, has orchestrated a sophisticated phishing campaign targeting more than 100 government entities and international organizations across the Middle East, North Africa, and beyond. The operation, which became active in mid-August 2025, represents a significant escalation in the group's tradecraft, introducing version 4
Check Point Research uncovered the YouTube Ghost Network, a sophisticated malware distribution operation featuring over 3,000 malicious videos. This network, active since 2021, tripled its activity in 2025, targeting users seeking game hacks, cheats, and software cracks. submitted by /u/cyber_Ice7198
A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT. The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe (aka APT36), a state-sponsored hacking group known to be active since at least 2013. It also builds upon a prior