Aggregator

A sophisticated backdoor called EtherRAT is actively targeting organizations across multiple sectors by hiding its command infrastructure inside the Ethereum blockchain — a move that makes it uniquely hard to track and shut down. The malware runs on Node.js and gives attackers full remote control over compromised machines, enabling them to execute commands, steal cryptocurrency […]

The post Hackers Use EtherRAT and EtherHiding to Hide Malware Infrastructure on Ethereum appeared first on Cyber Security News.

March 2026 brought a wave of cyber attacks that reflected how quickly modern threats can move from subtle early signals to serious business impact. ANY.RUN analysts identified and explored several major threats this month, exposing phishing campaigns, stealthy malware, payment-skimming activity, and resilient botnet infrastructure affecting organizations across industries. From Microsoft 365 token abuse and […]

The post Major Cyber Attacks in March 2026: OAuth Phishing, SVG Smuggling, Magecart, and More  appeared first on ANY.RUN's Cybersecurity Blog.

You must login to view this content

A new and dangerous piece of malware has surfaced and is being marketed openly to cybercriminals through private Telegram channels. Named CrystalX, this Malware-as-a-Service (MaaS) platform combines a remote access trojan (RAT), credential stealer, keylogger, clipboard hijacker, spyware, and an unusual set of prankware tools into one capable package. Discovered in March 2026, the malware […]

The post Hackers Push CrystalX Malware-as-a-Service Through Telegram With Stealer and RAT Features appeared first on Cyber Security News.

Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, information about the fixed zero-day is limited, and there’s no details about the exploit (or how/if it’s being used by attackers). CVE-2026-5281’s official description says it’s a use-after-free (UAF) vulnerability in Dawn, an open-source and cross-platform implementation of the WebGPU standard that’s used in Chromium and Chromium-based browsers. The vulnerability affects … More →

The post Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281) appeared first on Help Net Security.