Category of intelligence

Malware

News about viruses, Ransomware, Trojans and other malicious software

Stories published: 540 Showing up 9 articles per page

Supply chain attack: Bitwarden CLI committed through CI / CD exposes credentials and secrets

Malware

April 23, 2026 4 min de lectura 79

Supply chain attack: Bitwarden CLI committed through CI / CD exposes credentials and secrets

Recent findings on the verification of the official Bitwarden CLI package once again reveal the seriousness of the supply chain attacks: a malicious actor managed to introduce cod…

GopherWhisper: the new state actor that turns Slack, Discord and Microsoft 365 into a command and control arsenal

Malware

April 23, 2026 4 min de lectura 137

GopherWhisper: the new state actor that turns Slack, Discord and Microsoft 365 into a command and control arsenal

ESET has revealed a sustained campaign against government entities that introduce a new actor, baptized as GopherWhisper, and whose distinctive feature is not only its origin and …

Apple launches emergency patch for iPhone and iPad by failure in notifications that could keep deleted messages (CVE-2026-28950)

Malware

April 22, 2026 5 min de lectura 128

Apple launches emergency patch for iPhone and iPad by failure in notifications that could keep deleted messages (CVE-2026-28950)

Apple launched an urgent correction for iPhone and iPad to close a crack in the notification system that, according to the company, could cause warnings that the user had removed …

CVE-2025-29635: Mirai finds its target in abandoned D-Link routers

Malware

April 22, 2026 4 min de lectura 150

CVE-2025-29635: Mirai finds its target in abandoned D-Link routers

More than a year ago security researchers published a failure in certain D-Link routers that has now started to be actively exploited by a Mirai-based botnet. The defect, identifi…

Managed Docker images and malicious extensions expose IAC secrets

Malware

April 22, 2026 5 min de lectura 126

Managed Docker images and malicious extensions expose IAC secrets

Last week a worrying intrusion was detected in a critical piece of the DevOps ecosystem: the official images of the Docker repository Checkmarx / kics were manipulated by unknown …

Harvester expands its arsenal to Linux with Gogra for ELF and uses Outlook and Microsoft Graph as a C2 channel

Malware

April 22, 2026 5 min de lectura 118

Harvester expands its arsenal to Linux with Gogra for ELF and uses Outlook and Microsoft Graph as a C2 channel

A cyberespionage operation is expanding its horizons and adapting its code to attack Linux systems: the group known as Harvester - linked since 2021 to campaigns aimed at organiza…

The call scam has become an organized industry that steals millions

Malware

April 22, 2026 6 min de lectura 144

The call scam has become an organized industry that steals millions

Fraudulent calls are no longer just a sporadic nuisance: they have become an industrialized phenomenon that affects millions of people. There are increasingly networks behind the …

Malware

April 22, 2026 4 min de lectura 99

Lotus Wiper: The destructive malware that aims to leave the critical systems of the Venezuelan energy sector inoperative

In late 2025 and early 2025 cyber security researchers have identified a destructive malware so far undocumented that was used in a series of attacks directed against the energy a…

Serious vulnerability in ASP.NET Core (CVE-2026-40372) could allow privilege elevation: it updates to 10.0.7 and breaks the key ring

Malware

April 22, 2026 4 min de lectura 146

Serious vulnerability in ASP.NET Core (CVE-2026-40372) could allow privilege elevation: it updates to 10.0.7 and breaks the key ring

Microsoft has published off-cycle updates to correct critical vulnerability in ASP.NET Core that could allow an attacker to raise its privileges in affected systems. Registered as…

Explore RadarBytes

Malware

Supply chain attack: Bitwarden CLI committed through CI / CD exposes credentials and secrets

GopherWhisper: the new state actor that turns Slack, Discord and Microsoft 365 into a command and control arsenal

Apple launches emergency patch for iPhone and iPad by failure in notifications that could keep deleted messages (CVE-2026-28950)

CVE-2025-29635: Mirai finds its target in abandoned D-Link routers

Managed Docker images and malicious extensions expose IAC secrets

Harvester expands its arsenal to Linux with Gogra for ELF and uses Outlook and Microsoft Graph as a C2 channel

The call scam has become an organized industry that steals millions

Lotus Wiper: The destructive malware that aims to leave the critical systems of the Venezuelan energy sector inoperative

Serious vulnerability in ASP.NET Core (CVE-2026-40372) could allow privilege elevation: it updates to 10.0.7 and breaks the key ring

Disable your ad blocker

Malware

Manage your cookies