Hackers disguised malicious NodeCordRAT in popular NPM packages, using Discord to control infected computers and steal crypto credentials from unsuspecting developers.
Three malicious npm packages, posing as legitimate Bitcoin libraries, infiltrated developer systems and stole sensitive credentials and cryptocurrency wallets using Discord-based malware. Here’s how the attack unfolded and what it means for supply chain security.
#Bitcoin libraries | #Supply chain attack | #Remote Access Trojan
A new phishing campaign is targeting European hotels with convincing fake Booking.com emails. Victims are tricked into following bogus blue screen recovery steps that install DCRat, a potent Russian remote access trojan. The attack leverages social engineering and abuses trusted Windows tools to evade detection and persist on infected systems.
A sophisticated ClickFix campaign is targeting the European hospitality sector with fake Booking.com emails and technical trickery, deploying resilient remote access trojans to compromise hotel networks.
APT36 is using weaponized Windows shortcut files in a sophisticated cyber-espionage campaign targeting Indian government systems. Discover how fileless malware, adaptive persistence, and deceptive tactics enable long-term, undetected access to sensitive data.
Cybercriminals are exploiting India’s tax season with convincing phishing emails that deliver layered malware, giving attackers persistent control over enterprise systems. Here’s how the campaign unfolds and why vigilance is critical.
Hackers have weaponized the popular Nezha server monitoring tool, transforming it into a stealthy backdoor that evades detection. Learn how cybercriminals exploit trusted software to gain full control over computers worldwide.
A passenger ferry in France became the center of a cyber espionage probe after authorities discovered remote control malware on its systems. With suspicions of Russian involvement, the case exposes growing cyber risks to maritime infrastructure.
#Cyber Sabotage | #Maritime Security | #Remote Access Trojan
ZnDoor, a stealthy remote access trojan, is actively exploiting the React2Shell vulnerability in web applications to breach Japanese enterprise networks. With advanced evasion and lateral movement capabilities, this malware signals a new era of targeted cyberattacks against business infrastructure.
A new attack campaign called JS#SMUGGLER is using compromised websites to deliver NetSupport RAT, a powerful remote access trojan. This investigative feature unpacks the technical layers, evasion tactics, and broader implications for enterprise security.