IT之家7 月 15 日消息,安全公司 Blackpoint Cyber 发文,披露了一款名为 LabubaRAT 的新型木马,黑客将其伪装成英伟达驱动“nvidia-sysruntime.exe”,通过多种方式诱导用户安装,该木马可在 Windows 系统中建立持久化访问能力,并执行多种远程控制操作。 IT之家参考通报获悉,LabubaRAT 使用 Rust 语言开发,该木马在运行后首先会收集设 ...
Bitdefender researchers show how Windows bind links can create conflicting filesystem views to hide malware from endpoint ...
快科技7月15日消息,网络安全研究人员发现一种新型Rust远程访问木马LabubaRAT,伪装成NVIDIA软件来控制Windows主机。
A fileless malware framework is abusing Google’s Blogspot platform to deliver PureLog Stealer directly into computer memory, sharpening concerns that trusted web services are being turned into staging ...
安全研究人员观察到Mistic与ModeloRAT(一种基于Python的远程访问木马)协同运作,后者与代号Woodgnat(公开名KongTuke)的金融动机黑客组织存在关联。 隐蔽性极强的内存驻留后门 自2026年4月起,一种名为Mistic的新型Windows后门程序在企业网络中悄然扩散。该恶意软件通过完全在内存中执行载荷的方式实现持久化访问,不向硬盘写入任何恶意文件,使得传统依赖磁盘文件扫 ...
Microsoft Threat Intelligence is warning Windows users about a cryptocurrency clipper strain of malware transmitted via USB drives. The malware, which has been affecting users since February, steals ...
An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...
Two phishing campaigns, each using a different stealthy infection technique, are targeting organizations in attacks which aim to deliver data stealing malware to devices running on Microsoft Windows.
A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases. A once-trusted Chrome extension with thousands of ...
The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 ...
From Discord and Teams to WhatsApp, Windows Search, the Start menu, and even the new Agenda view in Notifications Center, Windows 11 keeps doubling down on web junk, and it’s getting so out of control ...