JanelaRAT: A financial threat targeting users in Latin America

JanelaRAT is a malware family that takes its name from the Portuguese word “janela” which means “window”. JanelaRAT looks for financial and cryptocurrency data from specific banks and financial institutions in the Latin America region. JanelaRAT is a modified variant Read More …

SparkCat malware returns to target Android and iOS users, hiding in innocent apps to try and steal your details

SparkCat, a mobile-first infostealer that targets people’s cryptocurrencies, is back with new upgrades that make it more difficult to spot. Cybersecurity researchers Kaspersky claim to have found multiple apps both in the Apple App Store and the Google Play Store Read More …

vSphere and BRICKSTORM Malware: A Defender’s Guide

Building on recent BRICKSTORM research from Google Threat Intelligence Group (GTIG), this post explores the evolving threats facing virtualized environments. These operations directly target the VMware vSphere ecosystem, specifically the vCenter Server Appliance (VCSA) and ESXi hypervisors. To help organizations Read More …

A laughing RAT: CrystalX combines spyware, stealer, and prankware features

In March 2026, Kaspersky researchers discovered an active campaign promoting previously unknown malware in private Telegram chats. The Trojan was offered as a MaaS (malware‑as‑a‑service) with three subscription tiers. It caught the researchers' attention because of its extensive arsenal of capabilities. Read More …

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack

Google Threat Intelligence Group (GTIG) is tracking an active software supply chain attack targeting the popular Node Package Manager (NPM) package “axios.” Between March 31, 2026, 00:21 and 03:20 UTC, an attacker introduced a malicious dependency named “plain-crypto-js” into axios Read More …

Bogus Avast website fakes virus scan, installs Venom Stealer instead

A fake website impersonating Avast antivirus is tricking people into infecting their own computers. The site looks legitimate, runs what appears to be a virus scan, and claims your system is full of threats. But the results are fake: when Read More …

Infiniti Stealer: A new macOS infostealer using ClickFix and Python/Nuitka

A previously undocumented macOS infostealer has surfaced during our routine threat hunting. Malwarebytes Labs researchers initially tracked it as NukeChain, but shortly before publication, the malware’s operator panel became publicly visible, revealing its real name: Infiniti Stealer. This malware is Read More …

Russian hackers target HR departments with vicious new ‘BlackSanta’ malware

Russian hackers have been targeting Human Resources (HR) departments at various organizations around the world with a never-before-seen piece of malware called BlackSanta. The campaign was spotted by cybersecurity researchers Aryaka, who said the attacks have been going on Read More …