malware detection

With AI’s help, North Korean hackers stumbled into a near-undetectable attack

2026-04-24 at 08:22 By Zeljka Zorz
For many years, state-sponsored hacking was defined by human expertise in finding security holes, writing malware and exploits, pulling off social engineering and phishing attacks, and much more. Since the advent of LLM-powered AI assistants and tools, less […]

Malware detectors trained on one dataset often stumble on another

2026-04-01 at 07:05 By Anamarija Pogorelec
Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints looks different, comes from different sources, and in many cases

Linux users targeted by crypto thieves via hijacked apps on Snap Store

2026-01-21 at 12:17 By Zeljka Zorz
Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical developer Alan Pope warned.
[Figure: SnapScope web app identifies malicious snaps (Source:

Maltrail: Open-source malicious traffic detection system

2025-10-15 at 08:30 By Sinisa Markovic
Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available blacklists, as well as static lists compiled from antivirus reports and user-defined sources. These “trails” can include domain names, URLs,
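The teaser above describes the core mechanism: observed traffic is matched against lists of "trails" gathered from public blacklists, antivirus-report digests and user-defined lists. The following is an added illustration of that mechanism and is not Maltrail's own code. The log line format, the trail entries, the list names and the sample log are all constructed for the example; treating IP addresses as a trail type is an assumption, since the excerpt above cuts off after "domain names, URLs". The one point worth noticing is the domain check, which matches on label boundaries so that a look-alike such as `notevil-cdn.example` does not trip a trail for `evil-cdn.example`.

```python
"""Minimal trail-based traffic matcher (added illustration, not Maltrail code)."""
import ipaddress
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Hit:
    line_no: int   # 1-based index of the matching log line
    kind: str      # "domain", "url" or "ip"
    trail: str     # the trail that matched
    source: str    # which (constructed) list the trail came from


# Constructed trail list: trail -> (kind, source). A real deployment loads
# thousands of these from public blacklists, AV-report digests and local lists.
TRAILS = {
    "evil-cdn.example": ("domain", "constructed-public-blacklist"),
    "update-check.example.net": ("domain", "constructed-av-report-list"),
    "http://paste.example.org/raw/abc123": ("url", "constructed-user-defined"),
    "203.0.113.45": ("ip", "constructed-public-blacklist"),  # IP trails: assumption
}


def _by_kind(kind):
    return {t: src for t, (k, src) in TRAILS.items() if k == kind}


DOMAIN_TRAILS = _by_kind("domain")
URL_TRAILS = _by_kind("url")
IP_TRAILS = {ipaddress.ip_address(t): src for t, src in _by_kind("ip").items()}


def match_domain(name):
    """(trail, source) if `name` is a listed domain or a subdomain of one.
    Matches on label boundaries: 'notevil-cdn.example' must NOT match
    'evil-cdn.example', which a bare endswith() would wrongly accept."""
    name = name.rstrip(".").lower()
    for trail, src in DOMAIN_TRAILS.items():
        if name == trail or name.endswith("." + trail):
            return trail, src
    return None


def match_url(url):
    """Exact URL trail, or the trail followed by a path or query continuation."""
    for trail, src in URL_TRAILS.items():
        if url == trail or url.startswith(trail + "/") or url.startswith(trail + "?"):
            return trail, src
    return None


def match_ip(text):
    """Accept 'a.b.c.d' or 'a.b.c.d:port'; None if not an IPv4 literal or unlisted."""
    host = text.rsplit(":", 1)[0] if text.count(":") == 1 else text
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return None
    src = IP_TRAILS.get(ip)
    return (str(ip), src) if src else None


def scan(lines):
    """Check each log line against the trails and return every hit.
    Constructed line format: timestamp|proto|src_ip|verb|target"""
    hits = []
    for n, line in enumerate(lines, 1):
        line = line.strip()
        if not line:
            continue
        _ts, proto, _src, _verb, target = line.split("|", 4)
        if proto == "dns":
            m = match_domain(target)
            if m:
                hits.append(Hit(n, "domain", *m))
        elif proto == "http":
            m = match_url(target)
            if m:
                hits.append(Hit(n, "url", *m))
            else:  # no URL trail; still check the host against domain trails
                m = match_domain(urlsplit(target).hostname or "")
                if m:
                    hits.append(Hit(n, "domain", *m))
        elif proto == "tcp":
            m = match_ip(target)
            if m:
                hits.append(Hit(n, "ip", *m))
    return hits


# Constructed sample log; line 4 is the look-alike that must not match.
SAMPLE_LOG = """\
2025-10-15T08:30:01Z|dns|10.0.0.5|query|cdn.evil-cdn.example.
2025-10-15T08:30:02Z|http|10.0.0.5|GET|http://paste.example.org/raw/abc123?dl=1
2025-10-15T08:30:03Z|tcp|10.0.0.7|connect|203.0.113.45:443
2025-10-15T08:30:04Z|dns|10.0.0.9|query|notevil-cdn.example
2025-10-15T08:30:05Z|http|10.0.0.9|GET|https://www.update-check.example.net/ping
2025-10-15T08:30:06Z|http|10.0.0.9|GET|https://www.example.com/
"""

if __name__ == "__main__":
    for h in scan(SAMPLE_LOG.splitlines()):
        print(f"line {h.line_no}: {h.kind} trail {h.trail!r} from {h.source}")
```

Running it reports lines 1, 2, 3 and 5; line 4 is rejected by the label-boundary rule and line 6 matches nothing. The same structure (per-kind trail sets, per-protocol extraction, one hit record per match) is what a practitioner would extend with the other trail kinds a real feed provides.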

Microsoft spots LLM-obfuscated phishing attack

2025-09-25 at 19:00 By Zeljka Zorz
Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, lookalike/fake websites, and malware. There’s even been a documented instance of an attacker using the agentic AI coding assistant Claude Code (along with Kali Linux)

The unseen side of malware and how to find it

2025-09-19 at 08:31 By Anamarija Pogorelec
Security teams rely on threat reports to understand what’s out there and to keep their organizations safe. But a new report shows that these reports might only reveal part of the story. Hidden malware variants are quietly slipping past

Project Ire: Microsoft’s autonomous malware detection AI agent

2025-08-05 at 19:45 By Zeljka Zorz
Microsoft is working on an AI agent whose main goal is autonomous malware detection, and the prototype, dubbed Project Ire, is showing great potential, the company announced on Tuesday. Tested on a dataset of known malicious and benign

Stealthy StilachiRAT steals data, may enable lateral movement

2025-03-18 at 15:48 By Zeljka Zorz
While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data,” Microsoft threat analysts have warned on

Evasive Node.js loader masquerading as game hack

2024-12-16 at 15:03 By Zeljka Zorz
Malware peddlers are using NodeLoader, a loader written in Node.js, to foil security solutions and deliver infostealers and cryptominers to gamers.
[Figure: The malicious links in YouTube comments (Source: Zscaler ThreatLabz)]
Attackers leveraging the Node.js loader
In this latest malware delivery campaign, the

Cybercriminals used a gaming engine to create undetectable malware loader

2024-11-27 at 20:33 By Zeljka Zorz
Threat actors are using an ingenious new way of covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses Godot Engine, an open-source game engine. The loader, dubbed

Researchers unearth MotW bypass technique used by threat actors for years

2024-08-06 at 14:31 By Zeljka Zorz
Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multiple samples

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys

2024-06-26 at 15:46 By Zeljka Zorz
A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection. The campaign Spotted by Kroll’s incident responders and analyzed by the company’s

AWS unveils new and improved security features

2024-06-12 at 18:31 By Zeljka Zorz
At its annual re:Inforce conference, Amazon Web Services (AWS) has announced new and enhanced security features and tools. Additional multi-factor authentication option To facilitate the concerted push to get customers to secure their accounts with multiple authentication factors, AWS has added support

The most prevalent malware behaviors and techniques

2024-03-20 at 12:46 By Zeljka Zorz
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. Malware tactics and techniques The analyzed malware samples were most often delivered

Keyloggers, spyware, and stealers dominate SMB malware detections

2024-03-13 at 06:06 By Help Net Security
In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, extort victims, deploy ransomware,

Turla’s Snake malware network disrupted by Five Eyes’ agencies

2023-05-10 at 14:47 By Help Net Security
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburous”), that the US Government attributes to a unit within Center 16 of
