#remote-access-trojan

from The Hacker News
1 day ago

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. "These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing it via 'mshta.exe,'" Morphisec researcher Yonatan Edri said in a report shared with The Hacker News.
Information security
from The Hacker News
1 month ago

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

A coordinated spear-phishing campaign named PhantomCaptcha used fake Zoom and Cloudflare CAPTCHA pages to deliver a WebSocket-based remote access trojan to Ukraine-related organizations.
Information security
from SecurityWeek
2 months ago

Threat Actor Infests Hotels With New RAT

RevengeHotels targets hotels to steal guest credit card data via phishing-delivered RATs, adding AI-generated loaders and VenomRAT to achieve persistent access.
from The Hacker News
3 months ago

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

"Available in both Python and C variants, CastleRAT's core functionality consists of collecting system information, downloading and executing additional payloads, and executing commands via CMD and PowerShell," Recorded Future Insikt Group said.
Information security
from The Hacker News
3 months ago

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads

The campaign leverages "carefully crafted emails to deliver malicious URLs linked to convincing phishing pages," Fortinet FortiGuard Labs researcher Cara Lin said. "These pages are designed to entice recipients into downloading JavaScript files that act as droppers for UpCrypter." Attacks propagating the malware have been primarily targeting manufacturing, technology, healthcare, construction, and retail/hospitality sectors across the world since the start of August 2025. The vast majority of the infections have been observed in Austria, Belarus, Canada, Egypt, India, and Pakistan, among others.
Information security
#cybersecurity
Node JS
from IT Pro
6 months ago

Developers beware: Malware has been found in a dozen popular NPM packages - here's what you need to know

Over a dozen NPM packages have been compromised, delivering malware that allows attackers to control infected machines.
Node JS
from BleepingComputer
6 months ago

Interlock ransomware gang deploys new NodeSnake RAT on universities

Interlock gang deploys NodeSnake RAT against educational institutions, showcasing evolving malware threats.