Latest news

International Authorities Dismantle SocGholish (FakeUpdates) Malware Network — 106 Servers and 101 Domains Seized
Malware

19 June 2026 dark6

International law enforcement agencies from the US, Netherlands, Canada, and Germany have dismantled the SocGholish malware network under Operation Endgame,...
Supply Chain Attack Compromises 140+ Mastra npm Packages, Targeting Developer Credentials and Crypto Wallets
Malware

18 June 2026 dark6

A sophisticated supply chain attack has compromised over 141 packages in the Mastra-AI npm ecosystem, including @mastra/core which sees 918,000...
Chinese Hackers (UNC6508) Spent Over a Year Spying on US Medical Research Institutions via REDCap
Malware

17 June 2026 dark6

Google GTIG has attributed a 2+ year Chinese cyber-espionage campaign to UNC6508, which exploited REDCap medical research servers across North...
GoFlateLoader: New Go-Based Malware Loader Infects 33,000+ Users by Outsizing Security Scanners
Malware

12 June 2026 dark6

GoFlateLoader, a new Go-based malware loader active since April 2026, has infected over 33,000 users globally by exploiting a simple...
Critical npm Supply Chain Attack: Malicious ‘dbmux’ Package Gives Hackers Full System Control
Malware

11 June 2026 dark6

A malicious npm package named dbmux was discovered containing malware that gives attackers complete control over any developer system that...
EDRChoker: New Red Team Tool Silences Cloud-Connected EDR Agents by Choking Network With Windows QoS
Malware

8 June 2026 dark6

A new open-source tool called EDRChoker throttles EDR agent network connections to 8 bps using Windows native Policy-Based QoS, effectively...
JS.MonoGlyphRAT: Stealthy New Malware Hidden in Fake Purchase Orders Targets US Enterprises
Malware

8 June 2026 dark6

A previously unknown remote access trojan called JS.MonoGlyphRAT is spreading through US businesses disguised as routine purchase orders and business...
TA4922: Chinese Cybercrime Group Deploys Atlas RAT, ValleyRAT and AI-Assisted Malware in Global Phishing Blitz
Malware

5 June 2026 dark6

Proofpoint exposes TA4922, a Chinese-speaking cybercrime group conducting more unique campaigns than any other tracked actor in 2026, deploying Atlas...
WordPress Sites Turned Into Spy Networks: Malware Hides C2 Commands in Steam Profile Comments Using Unicode Steganography
Malware

3 June 2026 dark6

A sophisticated malware campaign has compromised approximately 1,900 WordPress sites using Steam Community profile pages as a covert C2 channel....
SmartApeSG Campaign Exploits ClickFix Fake Verification Pages to Deliver NetSupport RAT
Malware

2 June 2026 dark6

The SmartApeSG campaign is using ClickFix scripts disguised as fake browser verification pages to deploy a two-stage infection chain, culminating...
OverlayPhantom Android Banking Trojan Targets 180+ Apps Across 10 Countries
Malware

2 June 2026 dark6

A dangerous new Android banking trojan called OverlayPhantom has been targeting users in ten countries, abusing Android's Accessibility Service to...
Malicious NuGet Package Impersonates Sicoob Banking SDK to Steal mTLS Certificates and Financial Credentials
Malware

31 May 2026 dark6

A malicious NuGet package named "Sicoob.Sdk" impersonated the official Sicoob banking SDK and silently exfiltrated PFX certificates, private keys, and...