ta558
TA558 2026: The Quiet Upgrade
Which scenario will best describe TA558’s (aka RevengeHotels) evolution by June 30, 2026?
malware
darkwatchman
DarkWatchMan and Hive0117: Fileless Malware Evolution Targeting Russian Critical Infrastructure
DarkWatchMan is a fileless, modular malware family first observed in late 2021 and attributed to the financially motivated Hive0117 group. The malware is primarily delivered via spear-phishing emails containing password-protected archives, targeting Russian critical infrastructure (energy, etc).
psloramyra
PSLoramyra Fileless Loader: Advanced YARA Detection, Memory Forensics, and Cross-Platform Threat Evolution
PSLoramyra represents a sophisticated fileless malware loader employing advanced obfuscation and stealth techniques to evade detection and maintain persistence. The latest detection strategies center on a suite of YARA rules designed to identify HEX-encoded..
bumblebee
Bumblebee Malware Supply Chain Attack: RVTools Compromise, Evolving Tactics, and Strategic Defenses
Bumblebee malware has escalated its tactics by compromising the supply chain of RVTools, a widely used VMware utility, to deliver trojanized installers containing a malicious version.dll loader. This attack, detected in May 2025, distributed malware via both official and typosquatted domains..
spynote
Mobile Malware Threats: SpyNote, BadBazaar, and MOONSHINE
SpyNote, BadBazaar, and MOONSHINE are prominent mobile malware families primarily targeting Android devices.
xcsset
XCSSET Malware: Evolving Threats to macOS Development Environments
XCSSET is a sophisticated modular malware strain that primarily targets macOS systems. It was first identified in 2020 and has since evolved, with recent variants incorporating advanced obfuscation and persistence techniques...
carbanak
Carbanak Malware: Evolution, Impact, and Strategic Defense
Carbanak emerged in 2013, attributed to the Eastern European cybercrime group known as the Carbanak Group or Anunak. This malware family primarily targets financial institutions, driven by the motivation of financial gain.
playfulghost
PLAYFULGHOST: A Comprehensive Technical Analysis of a Sophisticated Malware
PLAYFULGHOST is a newly identified malware that has been observed targeting users through phishing emails and SEO poisoning. This malware is notable for its extensive capabilities, which include keylogging, screen and audio capture, remote shell access, and information stealing.
kematian-stealer
RESEARCH: Kematian Stealer
This malware is designed to covertly exfiltrate sensitive data from infected systems.. Great- github is hosting more malware. awesome.