Malware & Ransomware

08 Mar
ScanBox JavaScript Keylogger Hijacks News Sites in China‑Based Watering‑Hole Campaign

A China‑originated APT group identified as TA423 has been weaponizing the open‑source ScanBox JavaScript keylogger in a series
1 min read
08 Mar
Resurrected LummaStealer Teams with CastleLoader to Target Enterprise Credentials

Bitdefender’s threat‑research team has identified a resurgence of the LummaStealer infostealer, now being bundled with the CastleLoader modular
1 min read
05 Mar

Kimwolf Botmaster “Dort” Exposed: New Intel on DDoS & Mining Infrastructure

Krebs on Security has identified the individual behind the alias “Dort,” the chief architect of the Kimwolf botnet. Dort coordinated
1 min read
05 Mar
LummaStealer Returns with CastleLoader, Using New Evasion and Social‑Engineering Tricks

Bitdefender has observed a resurgence of the LummaStealer information‑stealer, now bundled with the CastleLoader droploader. The combined payload employs
1 min read
05 Mar

Kimwolf Botmaster ‘Dort’ Exposed: New Tactics and Infrastructure Threatening Enterprises

Krebs on Security has identified the individual behind the Kimwolf botnet as “Dort,” a seasoned cybercriminal who has refined the
1 min read
05 Mar
LummaStealer Returns, Teams with CastleLoader to Boost Persistence

Bitdefender has identified a new wave of LummaStealer activity in which the notorious infostealer is being delivered by the CastleLoader
1 min read
03 Mar
APT‑TA423 Uses ScanBox JavaScript Keylogger in News Site Watering‑Hole Attack

An APT group identified as TA423 weaponized the open‑source ScanBox reconnaissance tool and embedded it in compromised JavaScript on
1 min read
03 Mar
Iran‑Aligned Threat Actors Intensify Phishing, Supply‑Chain, and Ransomware Campaigns in 2026

Palo Alto Networks’ Unit 42 observed a marked uptick in activity by Iranian state‑aligned groups throughout 2026. The actors
1 min read
03 Mar
LummaStealer Returns, Teams with CastleLoader Dropper for Stealthy Access

Bitdefender’s threat‑research team has confirmed that the long‑dormant LummaStealer infostealer has resurfaced, now piggybacking on the CastleLoader
1 min read
03 Mar
SloppyLemming Dual‑Chain Attack Targets Pakistan and Bangladesh Government Networks

The threat group identified as SloppyLemming conducted a coordinated campaign against ministries, law‑enforcement agencies, and critical infrastructure operators in
1 min read