Subscribe
Monday, May 25, 2026
type here...
Subscribe
HomeMalware

Malware

Scavenger Malware Compromises Top npm Packages to Target Developers

A sophisticated supply chain attack targeting developers emerged on Friday, July 18, 2025, when cybercriminals compromised several popular npm packages, including the widely used eslint-config-prettier package. The attack, dubbed "Scavenger" by security researchers due to multiple references to "SCVNGR" strings in the malware variants,...
Read more

Introducing ClickFix – A New ClickFake Interview Attack Delivering GolangGhost Malware

A newly observed social engineering wave tied to the Lazarus constellation is exploiting the seasonal rush for remote cryptocurrency jobs. Dubbed “ClickFix”, the lure refines the earlier ClickFake Interview playbook by introducing a new repair-tool twist that incorporates a bespoke Go backdoor, which the Sekoia TDR team...
Read more

Revealing the Threat – DCHSpy Android Malware Harvests WhatsApp Data, Call Logs, and Stealthily Records Audio & Photos

Cybersecurity researchers at Lookout have uncovered four new samples of DCHSpy, a sophisticated Android surveillance malware, discovered just one week after the escalation of the Israel-Iran conflict. This discovery reveals the ongoing evolution of mobile espionage tools deployed by Iranian state-sponsored actors during times...
Read more

Android Malware and Click FraudA Apps Join Forces to Hijack Login Credentials

Cybersecurity researchers at Trustwave SpiderLabs have uncovered a sophisticated Android malware operation that combines brand impersonation with large-scale traffic monetization, targeting users across multiple regions with fake applications designed to steal credentials and generate fraudulent advertising revenue. The investigation revealed an active threat cluster distributing...
Read more

LOLBin Tools Exploit .LNK Files to Distribute DeerStealer Malware

Cybersecurity researchers have identified a sophisticated phishing campaign that leverages obfuscated .LNK shortcut files and Living Off The Land Binary (LOLBin) techniques to deliver DeerStealer malware. The attack exploits legitimate Windows system tools, particularly mshta.exe, to execute malicious payloads while evading traditional security detection...
Read more

Zoho WorkDrive Exploited by Threat Actors to Distribute Obfuscated PureRAT Malware

eSentire’s Threat Response Unit (TRU) has uncovered a highly sophisticated attack campaign leveraging Zoho WorkDrive to deliver the increasingly prevalent PureRAT malware, targeting a certified public accounting firm in the United States in May 2025. This operation highlights the evolving tactics of cybercriminals, who...
Read more

About us

The Cyber News is an online community for security professionals. It features articles from top security researchers, CISOs, and technology experts.

Company

The latest

Burp Suite Supercharges Its Scanning Capabilities With React2Shell Vulnerability Detection

Cybersecurity News 0
PortSwigger has leveled up Burp Suite's scanning arsenal with...

Malicious MCP Servers Enable New Prompt Injection Attack To Drain Resources

Cybersecurity News 0
Unit 42 researchers at Palo Alto Networks exposed serious...

Law Enforcement Detains Hackers Equipped With Specialized Flipper Hacking Tools

Cyber News 0
Polish police have arrested three Ukrainian men traveling through...

Subscribe

© 2025 the Cyber News