Malware Archives - Page 6 of 10

GlassWorm ForceMemo Campaign: Stolen GitHub Tokens Used to Inject Malware Into Hundreds of Python Repositories

acint3 months ago03 mins

A sophisticated supply chain attack dubbed ForceMemo is leveraging stolen GitHub tokens to inject malware into hundreds of Python repositories, marking a dangerous escalation in the ongoing GlassWorm campaign targeting software developers. The Attack Chain According to StepSecurity research, the attackers are targeting Python projects including Django applications, machine learning research code, Streamlit dashboards, and…

KadNap Botnet Hijacks 14,000+ ASUS Routers Using Novel Kademlia DHT Protocol for Stealth C2

acint4 months ago03 mins

A newly discovered botnet called KadNap is turning ASUS routers and edge networking devices into covert proxies for cybercriminal operations. Since August 2025, the malware has infected over 14,000 devices across the globe, with researchers from Black Lotus Labs (Lumen Technologies) revealing a sophisticated command-and-control (C2) infrastructure that leverages a customized version of the Kademlia…

Code on screen representing GitHub malware campaign

BoryptGrab Stealer Spreads Through 100+ Fake GitHub Repositories in Massive Malware Campaign

acint4 months ago03 mins

Trend Micro researchers have uncovered a large-scale malware distribution campaign using over 100 GitHub repositories to spread BoryptGrab, an information stealer that targets browser credentials, cryptocurrency wallets, and sensitive files while deploying reverse SSH backdoors for persistent access. The campaign leverages the trust users place in GitHub to distribute malware disguised as legitimate software tools,…

BoryptGrab Stealer Spreads Through 100+ Malicious GitHub Repositories

acint4 months ago4 months ago02 mins

A massive malware distribution campaign has been discovered leveraging more than 100 GitHub repositories to spread the BoryptGrab information stealer. According to Trend Micro research, the campaign targets Windows users through deceptive downloads masquerading as legitimate software tools and gaming cheats. The Attack Chain The threat actors behind this campaign have deployed an extensive network…

APT36 Vibeware Campaign: Pakistan’s Transparent Tribe Weaponizes AI to Mass-Produce Malware Targeting India

acint4 months ago04 mins

Pakistan-aligned threat actor Transparent Tribe (APT36) has embraced AI-assisted malware development to flood Indian government networks with disposable, polyglot implants—a technique security researchers are calling “vibeware” or Distributed Denial of Detection (DDoD). AI-Powered Malware Industrialization According to Bitdefender’s research, APT36 has shifted from sophisticated, handcrafted implants to high-volume, AI-generated malware written in obscure programming languages…

VOID#GEIST: Multi-Stage Malware Campaign Uses Python Loaders and APC Injection to Deploy XWorm, AsyncRAT, and Xeno RAT

acint4 months ago03 mins

Security researchers at Securonix have uncovered a sophisticated multi-stage malware campaign dubbed VOID#GEIST that delivers three separate remote access trojans (RATs) through an elaborate infection chain designed to evade detection. A Modular Attack Framework Unlike traditional malware that relies on standalone executables, VOID#GEIST employs a modular pipeline comprising batch scripts for orchestration, PowerShell for stealthy…

Zerobot Malware Targets n8n Automation Platform: First Active Exploitation of CVE-2025-68613

acint4 months ago04 mins

Akamai SIRT discovers Zerobot botnet actively exploiting CVE-2025-68613 in n8n workflow automation platform, marking a shift from traditional IoT targeting to enterprise infrastructure.

Malicious Go Crypto Module Steals Passwords and Deploys Rekoobe Backdoor

acint4 months ago02 mins

A sophisticated supply chain attack has been uncovered targeting Go developers through a malicious module that impersonates the legitimate golang.org/x/crypto library. The attack demonstrates how threat actors are increasingly exploiting namespace confusion to compromise developer environments and deploy persistent backdoors. The Attack Mechanism Security researchers at Socket discovered the malicious module github[.]com/xinfeisoft/crypto, which masquerades as…

Fake Google Security Check Transforms Browser Into Surveillance Toolkit via PWA Installation

acint4 months ago13 mins

A sophisticated phishing campaign has been discovered that transforms web browsers into comprehensive surveillance platforms by masquerading as a Google Account security page. According to Malwarebytes researchers, this attack represents one of the most fully-featured browser-based surveillance toolkits observed in the wild. Attack Methodology The attack begins with a convincing replica of a Google Account…

DarkCloud Infostealer Emerges as Major Enterprise Threat: $30 Malware Delivers Scalable Credential Theft

acint4 months ago04 mins

The cybersecurity threat landscape is facing a growing challenge as infostealers continue to dominate the initial access ecosystem in 2026. Among the latest threats drawing serious attention is DarkCloud, a commercially available credential-harvesting malware that proves even low-cost tools can deliver devastating results against enterprise environments. The $30 Threat That Can Compromise Entire Networks DarkCloud…