The Hacker News

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

Researchers detail REF8372, a malvertising campaign using fake Node.js ads, Storj-hosted payloads, and OXLOADER to deploy ...
Dark Reading

'Lorem Ipsum' Malware Pivots to ClickFix Delivery

New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.
The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

ShadowPad Breaks Beyond APT41: China-Linked Cyber Espionage Malware Now Shared Across Multiple Threat Groups

ShadowPad, once linked mainly to APT41, is now being used by multiple China-linked threat groups, expanding its role in cyber ...
Bleeping Computer

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. Tool and payload development ...
WeLiveSecurity

OceanLotus: From external espionage to domestic targeting

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
GitHub

Task 6 Staged Payloads 4dd48ff43a2b4d5b9bb1267eb3bed0b0.md

A stageless payload embeds the final shellcode directly into itself. Think of it as a packaged app that executes the shellcode in a single-step process. In previous tasks, we embedded an executable ...
IEEE

Evasion Techniques: Sneaking through Your Intrusion Detection/Prevention Systems

Abstract: Detecting attacks disguised by evasion techniques is a challenge for signature-based Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs). This study examines five ...