news
Breaking Cyber News From Cyberint
Breaking news feed of the latest cyber incidents, breaches, vulnerabilities, malware, ransomware and so much more.
- All Items
- Jobinfo
- Israel
- Handala
- Business Services
- Data Encrypted For Impact
- Middle East
- Asia
- Shelter Locations In Israel
- Retail
- Saudi Arabia
- Saudi Games
- Cyber Fattah Team
- Ben Horin & Alexandrovitz
- Zachary Levi And Sons - Construction
- Sivim It
- Kibbutz Almog
- Government
- Manufacturing
- Saban Brands Israel
- Digitalghost
- Mprest
- The Knesset
- Evil_Byte
- Gonjeshke Darande
- Nobitex
- Chemicals And Allied Products
- Kimia Farma
- exclusive
- South-Eastern Asia
- Indonesia
- Sentap
- Transportation
- Northern Europe
- Scania
- Europe
- Hensi
- Sweden
- Tbn Israel
- Media
- Weizmann Institute Of Science
- Education
- Resistancetrench
- Israeli Air Force
- Dienet
- Israel Antiquities Authority
- United States
- Mirai
- CVE-2025-24016
- North America
- Wazuh
- Cve-2025-24016
- Epsilor Electric Fuel
- Clayoxtymus1337
- Technology
- Southern Asia
- Advanced Weapons And Equipment India
- India
- More_Eggs
- Fin6
- Cryptocurrency
- Alex Lab
- Edf Energy
- United Kingdom
- Zoldyck
- Critical Infrastructures
- Sudo And Sudo Caching
- Telecommunications
- Credentials In Files
- Spearphishing Link
- Disable Or Modify Tools
- Match Legitimate Name Or Location
- Spectrum
- Unix Shell
- Ingress Tool Transfer
- Amos
- Israel Defense Forces
- Food And Kindred Products
- Coca-Cola Europacific Partners
- Ghna
- Italy
- Automotive
- Southern Europe
- Locauto
- Whitecoat
- Spain
- Mercadona
- Ups
- Wow Health Solutions
- Healthcare
- Cyprus Airways
- Rip_Real_World
- Netsupport Rat
- Tel Aviv University
- Illeak
- Desec0X
- Unc6032
- Numero
- Chaos
- Lucky_Gh0$T
- Yashma
- Cyberlock
- 303
- Deloitte
- Gucci
- Credentials From Web Browsers
- Password Managers
- Input Capture
- User Execution
- Credentials From Password Stores
- Obfuscated Files Or Information
- Phishing
- System Information Discovery
- Command And Scripting Interpreter
- Exfiltration Over C2 Channel
- Virtualization/Sandbox Evasion
- Screen Capture
- Windows Credential Manager
- Eddiestealer
- Drive-By Compromise
- File And Directory Discovery
- Data From Local System
- Australia And New Zealand
- Australia
- W_Tchdogs
- Superloop
- Resource Hijacking
- Network Service Discovery
- Exploitation For Client Execution
- Escape To Host
- Docker
- External Remote Services
- Smb/Windows Admin Shares
- Remote System Discovery
- Lateral Tool Transfer
- Deploy Container
- Web Protocols
- Change Default File Association
- Exploit Public-Facing Application
- Romania
- Venom Rat
- Bitdefender
- Financial Theft
- Eastern Europe
- Cameleon
- Cve-2023-20118
- Vicioustrap
- Cisco
- Macao Special Administrative Region
- CVE-2023-20118
- Eastern Asia
- Cve-2025-0944
- CVE-2025-0944
- Tetraloader
- Uat-6382
- Trimble
- Dynamic-Link Library Injection
- Silver Fox
- Regsvr32
- Reflective Code Loading
- Valleyrat
- Process Discovery
- Scheduled Task
- File Deletion
- Powershell
- Obfuscated Files Or Information: Encrypted Or Encoded Data
- China
- Malicious File
- Masquerade Task Or Service
- Rundll32
- Qakbot
- Trickbot
- Bumblebee
- Danabot
- Warmcookie
- Cetus
- Purehvnc
- Bytebreaker
- Viralgod
- Telcel
- Latin America And The Caribbean
- Mexico
- Peter Green Chilled
- Cellcom
-
Jun 01, 2025
EDDIESTEALER: New Rust-Based Infostealer Spreads via Fake CAPTCHA Campaigns
"EDDIESTEALER," a sophisticated Rust-based infostealer distributed through fake CAPTCHA verification pages designed to trick users into executing a malicious PowerShell script. Once deployed, the malware targets and exfiltrates sensitive data such as credentials, browser information, and cryptocurrency wallet contents. Communicating with a command and control server, "EDDIESTEALER" uses advanced evasion techniques including string and API obfuscation. It specifically focuses on compromising crypto wallets, browsers, password managers, FTP clients, and messaging apps. Its use of the Rust programming language highlights a growing trend among cybercriminals favoring stealth and resistance to traditional detection methods.
-
May 26, 2025
New Malware Campaign Targets Chinese-Speaking Users with Winos 4.0
Cybersecurity researchers have uncovered a malware campaign that employs fake software installers disguised as popular applications like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. First identified by Rapid7 in February 2025, the campaign utilizes a sophisticated multi-stage loader called Catena, which operates entirely in memory to evade traditional antivirus detection. The malware, attributed to a threat actor known as Silver Fox, specifically targets Chinese-speaking environments and has been active throughout 2025, adapting its tactics to maintain persistence and avoid detection. The campaign leverages trojanized NSIS installers and is characterized by its careful planning and execution.