Malware 2026
2026()
2025()
2024()
2023()
2022()
OTHER()
Viry znalosti Programy Virus Calendar
MALWARE TRAFFIC Ransom Database Znalosti Programy Banking Mobil RAT Evolution MALWARE DATABAZE Malware Families CoinMiner RAT Banking Malware Mobil malware RAT ROOTKIT
UPDATE
DATE |
NAME |
INFO |
CATEGORY |
SUBCATE |
| 20.2.26 | PromptSpy | PromptSpy ushers in the era of Android threats using GenAI | MALWARE | ANDROID |
| 20.2.26 | PromptSpy | PromptSpy ushers in the era of Android threats using GenAI | MALWARE | ANDROID |
| 18.2.26 | Keenadu | Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets | MALWARE | BACKDOOR |
| 17.2.26 | OpenClaw | Hudson Rock Identifies Real-World Infostealer Infection Targeting OpenClaw Configurations | MALWARE | AI AGENT |
| 17.2.26 | SmartLoader | SmartLoader Clones Oura Ring MCP to Deploy Supply Chain Attack | MALWARE | LOADER |
| 16.2.26 | RenEngine | The game is over: when “free” comes at too high a price. What we know about RenEngine | MALWARE | ENGINE |
| 15.2.26 | ZeroDayRAT | ZeroDayRAT - New Spyware Targeting Android and iOS | MALWARE | OS |
| 15.2.26 | WAVESHAPER | C++ backdoor that runs as a background daemon, collects host system information, communicates with C2 over HTTP/HTTPS using curl, and downloads and executes follow-on payloads. | MALWARE | BACKDOOR |
| 15.2.26 | HYPERCALL | Golang-based downloader that reads an RC4-encrypted configuration file, connects to C2 over WebSockets on TCP 443, downloads malicious dynamic libraries, and reflectively loads them into memory. | MALWARE | DOWNLOADER |
| 15.2.26 | HIDDENCALL | Golang-based backdoor reflectively injected by HYPERCALL that provides hands-on keyboard access, supports command execution and file operations, and deploys additional malware. | MALWARE | BACKDOOR |
| 15.2.26 | SILENCELIFT | Minimal C/C++ backdoor that beacons host information and lock screen status to a hard-coded C2 server and can interrupt Telegram communications when executed with root privileges. | MALWARE | BACKDOOR |
| 15.2.26 | DEEPBREATH | Swift-based data miner deployed via HIDDENCALL that bypasses macOS TCC protections by modifying the TCC database to gain broad filesystem access and steals keychain credentials, browser data, Telegram data, and Apple Notes data. | MALWARE | MINER |
| 15.2.26 | SUGARLOADER | C++ downloader that uses an RC4-encrypted configuration to retrieve next-stage payloads and was made persistent via a manually created launch daemon. | MALWARE | DEAMON |
| 15.2.26 | CHROMEPUSH | C++ browser data miner deployed by SUGARLOADER that installs as a Chromium native messaging host masquerading as a Google Docs Offline extension and collects keystrokes, credentials, cookies, and optionally screenshots. | MALWARE | MINER |
| 15.2.26 | LummaStealer | LummaStealer Is Getting a Second Life Alongside CastleLoader | MALWARE | STEALER |
| 15.2.26 | CastleLoader | GrayBravo’s CastleLoader Activity Clusters Target Multiple Industries | MALWARE | LOADER |
| 11.2.26 | Koalemos RAT | No Fool's Errand: The Koalemos RAT Campaign | MALWARE | RAT |
| 3.2.26 | Chrysalis Backdoor | The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit | MALWARE | BACKDOOR |
| 2.2.26 | GlassWorm Loader | GlassWorm Loader Hits Open VSX via Developer Account Compromise | MALWARE | LOADER |
| 28.1.26 | Python RAT | Malicious PyPI Packages spellcheckpy and spellcheckerpy Deliver Python RAT | MALWARE | PYTHON |
| 27.1.26 | PeckBirdy | PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups | MALWARE | FRAMEWORK |
| 26.1.26 | KONNI | KONNI Adopts AI to Generate PowerShell Backdoors | MALWARE | POWERSHELL |
| 24.1.26 | DynoWiper | Sandworm behind cyberattack on Poland’s power grid in late 2025 | MALWARE | WIPER |
| 23.1.26 | The Skeleton Key | The Skeleton Key: How Attackers Weaponize Trusted RMM Tools for Backdoor Access | MALWARE | TOOL |
| 21.1.26 | VoidLink | VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun | MALWARE | AI |
| 21.1.26 | Spread rat | Open-Source Python Script Drives Social Media Phishing Campaign | MALWARE | PYTHON |
| 20.1.26 | Evelyn | From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers | MALWARE | Stealer |
| 19.1.26 | ModeloRAT | Dissecting CrashFix: KongTuke's New Toy | MALWARE | RAT |
| 19.1.26 | StealC | UNO reverse card: stealing cookies from cookie stealers | MALWARE | Stealer |
| 17.1.26 | SOLYXIMMORTAL | EXECUTIVE SUMMARY SolyxImmortal is a Python-based Windows information-stealing malware that combines credential theft, document harvesting, keystroke logging, screen surveillance, | MALWARE | PYTHON |
| 17.1.26 | Gootloader’s | Planned failure: Gootloader’s malformed ZIP actually works perfectly | MALWARE | LOADER |
| 17.1.26 | LOTUSLITE | LOTUSLITE: Targeted espionage leveraging geopolitical themes | MALWARE | BACKDOOR |
| 14.1.26 | VoidLink | Unveiling VoidLink – A Stealthy, Cloud-Native Linux Malware Framework | MALWARE | Linux |
| 10.1.26 | RustyWater | Reborn in Rust: Muddy Water Evolves Tooling with RustyWater Implant | MALWARE | RAT |
| 8.1.26 | NodeCordRAT | Malicious NPM Packages Deliver NodeCordRAT | MALWARE | RAT |
| 5.1.26 | VVS Discord | VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion | MALWARE | STEALER |