Malware Alerts

Zero Salarium's EDR-Freeze proof-of-concept uses Windows' MiniDumpWriteDump to freeze EDR and antivirus software indefinitely, offering a stealthy alternative to BYOVD attacks without third-party drivers or detection risks.

RevengeHotels (TA558) escalates cyberattacks with AI-crafted loaders delivering VenomRAT malware, targeting Windows users via phishing. The malware features stealth, persistence, and encrypted communication.

Mustang Panda, a China-linked threat actor, uses the SnakeDisk USB worm and updated TONESHELL backdoors to target Thailand-based IPs, deploying the Yokai backdoor for remote access. Learn about their evolving malware tactics and focus on Thailand.

Cybercriminals use X’s AI assistant Grok to bypass ad restrictions and distribute malware through hidden links, reaching millions. Learn about the “Grokking” technique and its impact.

Hackers are exploiting macOS security features like Keychain, TCC, SIP, and Gatekeeper to spread malware. Learn how to detect and prevent these advanced macOS attacks.

Discover how Sindoor Dropper malware uses weaponized .desktop files to infect Linux systems via spear-phishing and deploys MeshAgent RAT.

Discover how the TamperedChef malware uses a fake PDF editor to steal login credentials and sensitive data in a widespread 2025 cyberattack.

Discover how a malicious Go module masquerading as an SSH brute-force tool exfiltrates credentials to a Telegram bot. Learn about its key features and the threat it poses.

Zimperium’s zLabs has uncovered a new variant of the Hook Android banking trojan, featuring ransomware-style overlays and advanced credential theft tactics. Learn about its key features and technical insights.

Adversaries are misusing AI-powered website builders like Lovable to create malicious infrastructure for malware distribution and credential phishing. Discover the emerging threats and how organizations can protect themselves.