Today > | 10 High | 29 Medium | 8 Low vulnerabilities - You can now download lists of IOCs here!
8 attack reports | 0 vulnerabilities
The intelligence report details the discovery and analysis of an attack campaign by the APT-K-47 organization, also known as Mysterious Elephant. The attackers used a CHM file to execute a malicious payload, which is an upgraded version of their Asyncshell tool. The new version, dubbed Asyncshell-v…
JinxLoader, a Go-based malware loader distributed via phishing emails, has evolved into Astolfo Loader. Originally sold on Hack Forums, JinxLoader was designed to deploy additional malware on Windows and Linux systems. The malware operates as a Malware-as-a-Service, making sophisticated tools acces…
A sophisticated supply chain attack has been discovered targeting the NPM ecosystem. The malicious package 'jest-fet-mock' impersonates popular testing utilities and uses Ethereum smart contracts for command-and-control operations. This cross-platform malware affects Windows, Linux, and macOS, exec…
This investigation tracked infrastructure linked to the APT group Transparent Tribe, identifying 15 malicious hosts on DigitalOcean serving as command-and-control servers for the Mythic exploitation framework. The group employs Linux desktop entry files as an attack vector, targeting individuals in…
An analysis reveals the distribution of malware through an MSI package, specifically SectopRat and Redline stealer. The malware employs techniques like executing malicious scripts, disabling security measures, and establishing persistence through scheduled tasks. It communicates with command-and-co…
A recent cybersecurity investigation uncovered a malware distribution campaign called DeerStealer. The malware was disseminated through counterfeit Google Authenticator websites, tricking visitors into downloading the malicious payload hosted on GitHub. Upon execution, the stealer collects system i…
While monitoring data in Recorded Future Malware Intelligence, Insikt Group identified purported virtual meeting software called Vortax that, upon download and installation, delivers three information stealers (“infostealers”) in cross-platform attacks — Rhadamanthys, Stealc, and, most notably, Ato…
Vidar Stealer is a potent malware written in C++, capable of stealing a wide range of data from the compromised system. Vidar Stealer targets user’s personal data, web-browser data, cryptocurrency wallets, financial data, sensitive files within user directories, communication applications, process …