Topic: malware payloads

  • Notepad++ Supply Chain Attack: Details, Targets, and IoCs Revealed

    A Chinese state-sponsored group exploited the Notepad++ update mechanism to deliver malware in a targeted supply chain attack, focusing on high-value victims in Southeast Asia and beyond. The attack used malicious installers to deploy sophisticated backdoors like "Chrysalis" and Cobalt Strike, em...

  • Malicious npm Packages Target Ethereum Smart Contracts

    A new wave of malicious npm packages uses Ethereum smart contracts to hide command-and-control infrastructure, making detection more difficult. Attackers also created fake GitHub repositories with artificially inflated metrics to appear legitimate and target cryptocurrency developers. This campai...

  • Hackers Now Use Tsundere Bot for Ransomware Attacks

    The TA584 threat actor has significantly escalated operations, tripling campaign volume in late 2025 and expanding its geographic targeting to include Germany and Australia, while deploying the Tsundere Bot and XWorm trojan to establish network access for ransomware. The group uses a sophisticate...

  • Urgent Windows 0-Day and Critical Flaw Actively Exploited

    Two critical Windows vulnerabilities are being actively exploited in widespread global attacks, including a zero-day flaw used since 2017 and another that Microsoft failed to patch in a recent update. The zero-day vulnerability (CVE-2025-9491) has been exploited by up to eleven advanced threat gr...

  • Unpatched Gogs Bug Actively Exploited, CISA Warns

    A critical vulnerability (CVE-2025-8110) in the Gogs platform is being actively exploited, allowing authenticated users to achieve remote code execution by overwriting files via a symbolic link flaw. Over 700 Gogs instances have already been compromised, with no official patch yet available, thou...
