A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app available on the Google Play Store.
A new malware-as-a-service (MaaS) information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection.
Cybercrime has fully shifted to a subscription model, with phishing kits, Telegram OTP bots, infostealer logs, and even RATs now rented like SaaS tools. Varonis explains how this "crime-as-a-service" economy lowers the barrier to entry and gives low-skill attackers on-demand access to advanced capabilities.
The DanaBot malware has returned with a new version observed in attacks, six months after law enforcement's Operation Endgame disrupted its activity in May.
A new malware-as-a-service (MaaS) platform named Atroposia provides cybercriminals a remote access trojan that combines capabilities for persistent access, evasion, data theft, and local vulnerability scanning.
The Lumma infostealer malware operation is gradually resuming activities following a massive law enforcement operation in May, which resulted in the seizure of 2,300 domains and parts of its infrastructure.
The Matanbuchus malware loader has been observed being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk.
A vulnerability in the DanaBot malware operation introduced in a June 2022 update led to the identification, indictment, and dismantling of their operations in a recent law enforcement action.
The creators of StealC, a widely used information stealer and malware downloader, have released its second major version, bringing multiple stealth and data theft enhancements.
Infostealer malware developers released updates claiming to bypass App-Bound Encryption, a feature recently introduced in Google Chrome to protect sensitive data such as cookies.
The banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.
A joint police operation between the Australian Federal Police (AFP) and the FBI has led to the arrest and charging of two individuals who are believed to be behind the development and distribution of the "Firebird" remote access trojan (RAT), later rebranded as "Hive."
The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software: measuring mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox.
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as 'Typhon Reborn V2'.
A new malware downloader delivered via multiple campaigns uses detection evasion techniques and Microsoft SQL queries to drop malicious payloads onto compromised machines.
Cryptominers infected roughly ten times more organizations during 2018 than ransomware did; however, only one in five security professionals knew that their company's systems had been impacted by a malware attack, as reported by Check Point Research.