Groups
Groups
Sign in
Groups
Groups
Technical - Malware
Conversations
About
Send feedback
Help
Technical - Malware
1–30 of 8843
Mark all as read
Report group
0 selected
Eyal Estrin
May 14
Kazuar: Anatomy of a nation-state botnet
https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/
unread,
Kazuar: Anatomy of a nation-state botnet
https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/
May 14
Eyal Estrin
May 14
The Symbiosis of Residential Proxy Services and Malware Ecosystems
https://www.bitsight.com/blog/residential-proxy-services-malware-ecosystems Eyal Estrin Author |
unread,
The Symbiosis of Residential Proxy Services and Malware Ecosystems
https://www.bitsight.com/blog/residential-proxy-services-malware-ecosystems Eyal Estrin Author |
May 14
Eyal Estrin
May 12
Operation HookedWing: 4-Year Multi-Sector Phishing Campaign
https://socradar.io/blog/operation-hookedwing-4-year-phishing/ Eyal Estrin Author | Cloud Architect |
unread,
Operation HookedWing: 4-Year Multi-Sector Phishing Campaign
https://socradar.io/blog/operation-hookedwing-4-year-phishing/ Eyal Estrin Author | Cloud Architect |
May 12
Eyal Estrin
May 11
New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps
https://www.threatfabric.com/blogs/new-trickmo-variant-device-take-over-malware-targeting-banking-
unread,
New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps
https://www.threatfabric.com/blogs/new-trickmo-variant-device-take-over-malware-targeting-banking-
May 11
Eyal Estrin
May 11
JDownloader website was hacked to distribute malicious Windows and Linux installers carrying a Python RAT between May 6–7, 2026
https://securityaffairs.com/191920/malware/official-jdownloader-site-served-malware-to-windows-and-
unread,
JDownloader website was hacked to distribute malicious Windows and Linux installers carrying a Python RAT between May 6–7, 2026
https://securityaffairs.com/191920/malware/official-jdownloader-site-served-malware-to-windows-and-
May 11
Eyal Estrin
May 10
Fake call logs, real payments: How CallPhantom tricks Android users
https://www.welivesecurity.com/en/eset-research/fake-call-logs-real-payments-how-callphantom-tricks-
unread,
Fake call logs, real payments: How CallPhantom tricks Android users
https://www.welivesecurity.com/en/eset-research/fake-call-logs-real-payments-how-callphantom-tricks-
May 10
Eyal Estrin
May 9
TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook
https://www.elastic.co/security-labs/tclbanker-brazilian-banking-trojan Eyal Estrin Author | Cloud
unread,
TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook
https://www.elastic.co/security-labs/tclbanker-brazilian-banking-trojan Eyal Estrin Author | Cloud
May 9
Eyal Estrin
May 8
PamDOORa: Analyzing a New Linux PAM-Based Backdoor for Sale on the Dark Web
https://flare.io/learn/resources/blog/pamdoora-new-linux-pam-based-backdoor-sale-dark-web Eyal Estrin
unread,
PamDOORa: Analyzing a New Linux PAM-Based Backdoor for Sale on the Dark Web
https://flare.io/learn/resources/blog/pamdoora-new-linux-pam-based-backdoor-sale-dark-web Eyal Estrin
May 8
Eyal Estrin
May 8
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
https://www.microsoft.com/en-us/security/blog/2026/05/04/breaking-the-code-multi-stage-code-of-
unread,
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
https://www.microsoft.com/en-us/security/blog/2026/05/04/breaking-the-code-multi-stage-code-of-
May 8
Eyal Estrin
May 8
UAT-8302 and its box full of malware
https://blog.talosintelligence.com/uat-8302/ Eyal Estrin Author | Cloud Architect | AWS • Azure • GCP
unread,
UAT-8302 and its box full of malware
https://blog.talosintelligence.com/uat-8302/ Eyal Estrin Author | Cloud Architect | AWS • Azure • GCP
May 8
Eyal Estrin
May 8
OceanLotus suspected of using PyPI to deliver ZiChatBot malware
https://securelist.com/oceanlotus-suspected-pypi-zichatbot-campaign/119603/ Eyal Estrin Author |
unread,
OceanLotus suspected of using PyPI to deliver ZiChatBot malware
https://securelist.com/oceanlotus-suspected-pypi-zichatbot-campaign/119603/ Eyal Estrin Author |
May 8
Eyal Estrin
May 8
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
https://www.sentinelone.com/labs/cloud-worm-evicts-teampcp-and-steals-credentials-at-scale/ Eyal
unread,
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
https://www.sentinelone.com/labs/cloud-worm-evicts-teampcp-and-steals-credentials-at-scale/ Eyal
May 8
Eyal Estrin
May 8
ClickFix campaign uses fake macOS utilities lures to deliver infostealers
https://www.microsoft.com/en-us/security/blog/2026/05/06/clickfix-campaign-uses-fake-macos-utilities-
unread,
ClickFix campaign uses fake macOS utilities lures to deliver infostealers
https://www.microsoft.com/en-us/security/blog/2026/05/06/clickfix-campaign-uses-fake-macos-utilities-
May 8
Eyal Estrin
May 7
CloudZ RAT potentially steals OTP messages using Pheno plugin
https://blog.talosintelligence.com/cloudz-pheno-infostealer/ Eyal Estrin Author | Cloud Architect |
unread,
CloudZ RAT potentially steals OTP messages using Pheno plugin
https://blog.talosintelligence.com/cloudz-pheno-infostealer/ Eyal Estrin Author | Cloud Architect |
May 7
Eyal Estrin
May 7
Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
https://www.rapid7.com/blog/post/tr-muddying-tracks-state-sponsored-shadow-behind-chaos-ransomware/
unread,
Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
https://www.rapid7.com/blog/post/tr-muddying-tracks-state-sponsored-shadow-behind-chaos-ransomware/
May 7
Eyal Estrin
May 7
The State Of Ransomware April 2026
https://www.blackfog.com/the-state-of-ransomware-april-2026/ Eyal Estrin Author | Cloud Architect |
unread,
The State Of Ransomware April 2026
https://www.blackfog.com/the-state-of-ransomware-april-2026/ Eyal Estrin Author | Cloud Architect |
May 7
Eyal Estrin
May 6
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
https://www.trendmicro.com/en_us/research/26/e/quasar-linux-qlnx-a-silent-foothold-in-the-software-
unread,
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
https://www.trendmicro.com/en_us/research/26/e/quasar-linux-qlnx-a-silent-foothold-in-the-software-
May 6
Eyal Estrin
May 6
Sonatype Q1 2026 Open-Source Malware Index
https://www.sonatype.com/press-releases/sonatype-q1-2026-open-source-malware-index Eyal Estrin Author
unread,
Sonatype Q1 2026 Open-Source Malware Index
https://www.sonatype.com/press-releases/sonatype-q1-2026-open-source-malware-index Eyal Estrin Author
May 6
Eyal Estrin
May 6
Thales 2026 Bad Bot Report: Bad Bots in the Agentic Age
https://www.thalesgroup.com/en/news-centre/press-releases/ai-driven-bot-attacks-surged-125x-according
unread,
Thales 2026 Bad Bot Report: Bad Bots in the Agentic Age
https://www.thalesgroup.com/en/news-centre/press-releases/ai-driven-bot-attacks-surged-125x-according
May 6
Eyal Estrin
May 6
DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026
https://securelist.com/tr/daemon-tools-backdoor/119654/ Eyal Estrin Author | Cloud Architect | AWS •
unread,
DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026
https://securelist.com/tr/daemon-tools-backdoor/119654/ Eyal Estrin Author | Cloud Architect | AWS •
May 6
Eyal Estrin
May 5
Dual-RMM Phishing Campaign Leveraging JWrapper-Packaged SimpleHelp and ScreenConnect for Silent Remote Access
https://www.securonix.com/blog/venomous-helper-phishing-campaign Eyal Estrin Author | Cloud Architect
unread,
Dual-RMM Phishing Campaign Leveraging JWrapper-Packaged SimpleHelp and ScreenConnect for Silent Remote Access
https://www.securonix.com/blog/venomous-helper-phishing-campaign Eyal Estrin Author | Cloud Architect
May 5
Eyal Estrin
May 5
“Legitimate” phishing: how attackers weaponize Amazon SES to bypass email security
https://securelist.com/amazon-ses-phishing-and-bec-attacks/119623/ Eyal Estrin Author | Cloud
unread,
“Legitimate” phishing: how attackers weaponize Amazon SES to bypass email security
https://securelist.com/amazon-ses-phishing-and-bec-attacks/119623/ Eyal Estrin Author | Cloud
May 5
Eyal Estrin
May 4
FEMITBOT: Abuse of Telegram Mini Apps for Large-Scale Fraud Campaigns
https://ctm360.com/track-report-view?pdf=https%3A%2F%2Fcdn.prod.website-files.com%
unread,
FEMITBOT: Abuse of Telegram Mini Apps for Large-Scale Fraud Campaigns
https://ctm360.com/track-report-view?pdf=https%3A%2F%2Fcdn.prod.website-files.com%
May 4
Eyal Estrin
May 4
Microsoft Defender flagging "Cerdigent" trojan malware on Windows 11, Server PCs worldwide
https://www.neowin.net/news/microsoft-defender-flagging-cerdigent-trojan-malware-on-windows-11-server
unread,
Microsoft Defender flagging "Cerdigent" trojan malware on Windows 11, Server PCs worldwide
https://www.neowin.net/news/microsoft-defender-flagging-cerdigent-trojan-malware-on-windows-11-server
May 4
Eyal Estrin
May 2
Meet Bluekit: The AI-Powered All-in-One Phishing Kit
https://www.varonis.com/blog/bluekit Eyal Estrin Author | Cloud Architect | AWS • Azure • GCP
unread,
Meet Bluekit: The AI-Powered All-in-One Phishing Kit
https://www.varonis.com/blog/bluekit Eyal Estrin Author | Cloud Architect | AWS • Azure • GCP
May 2
Eyal Estrin
May 2
Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield
https://www.crowdstrike.com/en-us/blog/defending-against-cordial-spider-and-snarky-spider-with-falcon
unread,
Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield
https://www.crowdstrike.com/en-us/blog/defending-against-cordial-spider-and-snarky-spider-with-falcon
May 2
Eyal Estrin
Apr 30
Inside a Fake DHL Campaign Built to Steal Credentials
https://www.forcepoint.com/blog/x-labs/fake-dhl-phishing-campaign-credential-theft Eyal Estrin Author
unread,
Inside a Fake DHL Campaign Built to Steal Credentials
https://www.forcepoint.com/blog/x-labs/fake-dhl-phishing-campaign-credential-theft Eyal Estrin Author
Apr 30
Eyal Estrin
Apr 30
Claude adds malware to crypto agent
https://www.reversinglabs.com/blog/claude-promptmink-malware-crypto Eyal Estrin Author | Cloud
unread,
Claude adds malware to crypto agent
https://www.reversinglabs.com/blog/claude-promptmink-malware-crypto Eyal Estrin Author | Cloud
Apr 30
Eyal Estrin
Apr 30
Supply Chain Campaign Targets SAP npm Packages with Credential-Stealing Malware
https://www.wiz.io/blog/mini-shai-hulud-supply-chain-sap-npm Eyal Estrin Author | Cloud Architect |
unread,
Supply Chain Campaign Targets SAP npm Packages with Credential-Stealing Malware
https://www.wiz.io/blog/mini-shai-hulud-supply-chain-sap-npm Eyal Estrin Author | Cloud Architect |
Apr 30
Eyal Estrin
Apr 29
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
https://www.trendmicro.com/en_us/research/26/d/void-dokkaebi-uses-fake-job-interview-lure-to-spread-
unread,
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
https://www.trendmicro.com/en_us/research/26/d/void-dokkaebi-uses-fake-job-interview-lure-to-spread-
Apr 29
