2601 Malware Objects
31469 Documents talking Malware
50 Active Sources
15 Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
Clickfix
3 updates this week. 9.091%
malware, phishing, powershell, windows, ransomware, infostealers, macos, clearfake, lumma stealer, lumma
+55 other associations
ClickFix is a malicious software (malware) that has been actively exploiting computers and devices, primarily through fake WordPress plug-ins. The malware campaign leverages these bogus plug-ins to inject JavaScript that leads to ClickFix fake browser updates. These updates use blockchain and smart
KONNI
3 updates this week. 200%
kimsuky, apt37, apt, rat, malware, russia, phishing, ta406, vulnerability, cve-2023-38831
+79 other associations
Konni is a malicious software (malware) linked to North Korea, specifically associated with the state-sponsored Kimsuky group. This advanced persistent threat (APT) has been active since at least 2021, focusing on high-profile targets such as the Russian Ministry of Foreign Affairs, the Russian Emba
RomCom
2 updates this week. 300%
malware, exploit, romcom backd..., backdoor, vulnerability, ransomware, rat, peapod, windows, microsoft
+102 other associations
RomCom, a malicious software, has been identified as a significant cyber threat. Reports from third-party and open-source intelligence since spring 2022 have indicated a connection between RomCom Remote Access Trojan (RAT) actors, Cuba ransomware actors, and Industrial Spy ransomware actors. The mal
Warmcookie
2 updates this week. 300%
backdoor, malware, ransomware, badspace, malvertising, javascript
+8 other associations
WarmCookie, also known as BadSpace, is a sophisticated two-stage "lightweight backdoor" malware that emerged in April 2024. Distributed primarily through malspam and malvertising campaigns, notably one called REF6127, the malware initiates its infection chain via email lures—typically invoice-relate
Hijackloader
2 updates this week. 166.7%
malware, payload, loader, malware loader, redline stea..., systembc, remcos, asmcrypt, phishing, cybercrime
+56 other associations
HijackLoader is a new and rapidly growing malware in the cybercrime community, designed to exploit and damage computer systems. This malicious software infects systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once infiltrated, HijackLoader can steal personal
TrickBot
2 updates this week. 166.7%
malware, ransomware, emotet, conti, ryuk, trickbot group, botnet, trojan, icedid, fraud
+186 other associations
TrickBot is a notorious malware developed by cybercriminals to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. This malicious software can steal personal information, disrupt operations, or even hold data hostage for ransom. Vladimir Dunaev,
Hunters
2 updates this week. -20%
ransomware, telegram, exploit, lapsus, ransom, extortion, malware, hive, cybercrime, hunters inte...
+77 other associations
Malware hunters, often referred to as bug hunters, play a critical role in cybersecurity by identifying and addressing vulnerabilities in software systems. In 2023, these professionals proved their worth at the Pwn2Own Toronto event where they identified 58 unique zero-day vulnerabilities, earning a
Bumblebee
2 updates this week. 166.7%
malware, ransomware, icedid, loader, payload, trickbot, qakbot, exploit, bazarloader, malware loader
+85 other associations
Bumblebee is a type of malware that has been linked to ITG23, a cyber threat group. Over the past year, it has been used in conjunction with other initial access malware such as Emotet, IcedID, Qakbot, and Gozi during ITG23 attacks. The same values for self-signed certificates seen in Bumblebee hav