Malware & Ransomware

09 Mar
Ransomware Targets Hospitals, Supply‑Chain Breaches Spike – New Regulator Guidance

Malwarebytes’ weekly recap for March 2‑8 shows a sharp rise in ransomware activity, with attackers focusing on medical facilities

09 Mar
LummaStealer Teams with CastleLoader to Mask Activity as Normal User Behavior

The LummaStealer infostealer has been observed integrating the CastleLoader dropper, creating a hybrid payload that blends malicious actions with typical

08 Mar
Long‑Term CL‑UNK‑1068 Campaign Exploits DLL Sideloading and Custom Proxies

Palo Alto Networks’ Unit 42 uncovered a previously undocumented threat actor group, labeled CL‑UNK‑1068, that has been compromising

08 Mar
Fake Google Meet Update Deploys Remote‑Access Trojan with One Click

A new phishing campaign observed by Malwarebytes distributes a malicious executable masquerading as a Google Meet update. The file is

08 Mar
AI‑Powered Attack Playbook: How Threat Actors Weaponize Polymorphic Code

Microsoft’s security blog details a new tradecraft where adversaries harness generative AI to create constantly changing (polymorphic) payloads, automate

08 Mar
LummaStealer Teams Up with CastleLoader, Expanding Credential Theft Ops

Bitdefender’s latest research shows the dormant LummaStealer infostealer has resurfaced, now bundled with the CastleLoader droploader. The combined malware

08 Mar
Fake Google Meet Update Delivers Full‑Control RAT to Enterprises

A phishing campaign is distributing a counterfeit Google Meet “update” dialog that mimics the legitimate UI. When a user clicks

08 Mar
APT TA423 Weaponizes Australian News Sites to Drop ScanBox Keylogger

A newly identified watering‑hole operation linked to APT group TA423 is compromising popular Australian news websites. The attackers have

08 Mar
LummaStealer Returns with CastleLoader, Mimics Legit User Activity to Slip Past Defenses

The LummaStealer infostealer has resurfaced, now bundled with the CastleLoader dropper. This refreshed version adopts user‑like patterns—such as

08 Mar
Fake Google Meet Update Delivers Remote‑Access Malware to Victims

Attackers circulated a phishing campaign that mimics a legitimate Google Meet client update. Recipients receive an email with a bogus