Telegram Bot malware – Threat Note

From Security Week – Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks

[[{"value":"Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability. The post Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks…

shaikh Saqib April 8, 2025

News

From The Hacker News – CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation

A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild. The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. It has

shaikh Saqib April 8, 2025

News

From Cyber Security News – DarkCloud – An Advanced Stealer Malware Selling Via Telegram To Steal Data From Windows

DarkCloud is a sophisticated stealer malware that emerged in 2022, quickly positioning itself as one of the most prevalent threats in its category. This Windows-targeting malware has evolved significantly to…

shaikh Saqib March 31, 2025

News

From Cyber Security News – 200 Malicious GitHub Repos Attacking Developers to Deliver Malware

In an era where open-source collaboration drives software innovation, a sophisticated cyber campaign dubbed GitVenom has emerged as a critical threat to developers. Security researchers have uncovered over 200 malicious…

shaikh Saqib February 25, 2025

News

From Security Week – Golang Backdoor Abuses Telegram for C&C Communication

[[{"value":"A newly discovered Golang backdoor is abusing Telegram for communication with its command-and-control (C&C) server. The post Golang Backdoor Abuses Telegram for C&C Communication appeared first on SecurityWeek."}]] Read More

shaikh Saqib February 18, 2025

News

From The Hacker News – New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations

Cybersecurity researchers have shed light on a new Golang-based backdoor that uses Telegram as a mechanism for command-and-control (C2) communications. Netskope Threat Labs, which detailed the functions of the malware, described it as possibly of Russian origin. "The malware is compiled in Golang and once executed it acts like a backdoor," security researcher Leandro Fróes said in an analysis

shaikh Saqib February 17, 2025