Latest news

JDownloader Official Website Hijacked to Deliver RAT Malware in Windows and Linux Installers
Malware

JDownloader Official Website Hijacked to Deliver RAT Malware in Windows and Linux Installers

17 May 2026 dark6

Attackers compromised the official JDownloader website between May 6-7, 2026, replacing legitimate Windows and Linux installers with malicious versions containing...
Read more 0
ClickFix Evolves: Attackers Combine Social Engineering With Decade-Old PySoxy SOCKS5 Proxy for Persistent Access
Malware

ClickFix Evolves: Attackers Combine Social Engineering With Decade-Old PySoxy SOCKS5 Proxy for Persistent Access

14 May 2026 dark6

A new ClickFix campaign observed by ReliaQuest pairs the social engineering technique with PySoxy, a 10-year-old Python SOCKS5 proxy, creating...
Read more 0
GhostLock: New Attack Technique Locks Enterprise Files Like Ransomware — Without Any Encryption
Malware

GhostLock: New Attack Technique Locks Enterprise Files Like Ransomware — Without Any Encryption

12 May 2026 dark6

GhostLock is a newly disclosed attack technique that uses standard Windows file-locking behavior to paralyze enterprise SMB file shares without...
Read more 0
Operation SilentCanvas: Hackers Hide PowerShell Malware in Fake JPEG to Deploy Trojanized ScreenConnect Backdoor
Malware

Operation SilentCanvas: Hackers Hide PowerShell Malware in Fake JPEG to Deploy Trojanized ScreenConnect Backdoor

12 May 2026 dark6

Operation SilentCanvas is a new Windows attack campaign that hides a PowerShell script inside a fake JPEG file to deploy...
Read more 0
TCLBANKER Banking Trojan Spreads Through Self-Replicating WhatsApp and Outlook Worm Modules
Malware

TCLBANKER Banking Trojan Spreads Through Self-Replicating WhatsApp and Outlook Worm Modules

11 May 2026 dark6

A highly sophisticated Brazilian banking trojan called TCLBANKER (campaign REF3076) has been uncovered by Elastic Security Labs. The malware uses...
Read more 0
InstallFix: Hackers Use Fake Claude AI Installer Pages and Google Ads to Deploy RedLine Stealer Malware
Malware

InstallFix: Hackers Use Fake Claude AI Installer Pages and Google Ads to Deploy RedLine Stealer Malware

10 May 2026 dark6

A malware campaign called InstallFix is using paid Google Ads to push fake Claude AI installation pages to the top...
Read more 0
ZiChatBot: OceanLotus APT Uses Zulip Chat APIs as Covert Command and Control in PyPI Supply Chain Attack
Malware

ZiChatBot: OceanLotus APT Uses Zulip Chat APIs as Covert Command and Control in PyPI Supply Chain Attack

9 May 2026 dark6

A newly discovered malware called ZiChatBot abuses Zulip REST APIs for command and control, hiding malicious traffic as legitimate chat...
Read more 0
UAT-8302: China-Nexus APT Uses Custom Malware and Open-Source Tools to Steal Data From Government Agencies
Malware

UAT-8302: China-Nexus APT Uses Custom Malware and Open-Source Tools to Steal Data From Government Agencies

8 May 2026 dark6

Cisco Talos has detailed UAT-8302, a China-nexus APT group conducting long-term espionage campaigns against government agencies in southeastern Europe. The...
Read more 0
Malicious DeepSeek-Claw AI Skill Delivers Remcos RAT and GhostLoader in Agentic AI Supply Chain Attack
Malware

Malicious DeepSeek-Claw AI Skill Delivers Remcos RAT and GhostLoader in Agentic AI Supply Chain Attack

7 May 2026 dark6

Zscaler ThreatLabZ has uncovered a campaign where attackers published a fake DeepSeek integration for the OpenClaw AI framework on GitHub,...
Read more 0
DEEP#DOOR: New Python Backdoor Silently Harvests Browser Passwords, Cloud Tokens, SSH Keys, and Wi-Fi Credentials
Malware

DEEP#DOOR: New Python Backdoor Silently Harvests Browser Passwords, Cloud Tokens, SSH Keys, and Wi-Fi Credentials

2 May 2026 dark6

Securonix researchers have documented DEEP#DOOR, a self-contained Python backdoor delivered via obfuscated batch files that systematically disables Windows defenses before...
Read more 0
China-Aligned SHADOW-EARTH Deploys ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign Across Asia
Malware

China-Aligned SHADOW-EARTH Deploys ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign Across Asia

2 May 2026 dark6

A China-aligned threat group has conducted a prolonged espionage campaign against government agencies and critical infrastructure across eight Asian countries....
Read more 0
Lazarus Group Targets macOS Users With Sophisticated “Mach-O Man” Four-Stage Malware Kit
Malware

Lazarus Group Targets macOS Users With Sophisticated “Mach-O Man” Four-Stage Malware Kit

30 April 2026 dark6

North Korea's Lazarus Group has deployed a new modular macOS malware kit called "Mach-O Man" targeting fintech executives and crypto...
Read more 0