Malware News
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ... Partner channel: @cveNotify For ads: https://telega.io/c/malwr
Ko'proq ko'rsatish📈 Telegram kanali Malware News analitikasi
Malware News (@malwr) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 14 933 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 8 633-o'rinni va AQSH mintaqasida 2 549-o'rinni egallagan.
📊 Auditoriya ko‘rsatkichlari va dinamika
невідомо sanasidan buyon loyiha tez o‘sib, 14 933 obunachiga ega bo‘ldi.
01 Iyul, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 681 ga, so‘nggi 24 soatda esa 19 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.
- Tasdiqlash holati: Tasdiqlanmagan
- Jalb etish (ER): Auditoriya o‘rtacha 4.43% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining 2.50% ini tashkil etuvchi reaksiyalarni to‘playdi.
- Post qamrovi: Har bir post o‘rtacha 661 marta ko‘riladi; birinchi sutkada odatda 373 ta ko‘rish yig‘iladi.
- Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 1 ta reaksiya keladi.
- Tematik yo‘nalishlar: Kontent threat, kernel, cve-2025, actor, attack kabi asosiy mavzularga jamlangan.
📝 Tavsif va kontent siyosati
Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...
Partner channel: @cveNotify
For ads: https://telega.io/c/malwr”
Yuqori yangilanish chastotasi (oxirgi ma’lumot 02 Iyul, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.
Ma'lumot yuklanmoqda...
| Sana | Obunachilarni jalb qilish | Esdaliklar | Kanallar | |
| 02 Iyul | +16 | |||
| 01 Iyul | +20 |
| 2 | Iran-Nexus TAG-182 Disseminates MarkiRAT Surveillance Tool
Discover how Iranian-nexus threat cluster TAG-182 uses MarkiRAT malware and fake VPN/media apps to conduct cyber surveillance operations against domestic targets.
https://www.recordedfuture.com/research/nexus-tag182-disseminates-markirat
https://assets.recordedfuture.com/insikt-report-pdfs/2026/cta-ir-2026-0701.pdf
🎖@malwr | 353 |
| 3 | Doctor Web’s Q2 2026 virus activity review
https://news.drweb.com/show/?i=15275&lng=en&c=5
🎖@malwr | 365 |
| 4 | Doctor Web’s Q2 2026 review of virus activity on mobile devices
https://news.drweb.com/show/?i=15274&lng=en&c=5
🎖@malwr | 324 |
| 5 | RadonCoding/binsafe: Obfuscator for compiled 64-bit portable executables.
https://github.com/RadonCoding/binsafe
🎖@malwr | 266 |
| 6 | youssefnoob003/SindriKit: A foundational C library for building operationally credible offensive capabilities
https://github.com/youssefnoob003/SindriKit
🎖@malwr | 243 |
| 7 | CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451)
Well, well, well - once again, the cat has dragged us in and spat us out.
Today, we find ourselves questioning the reality we sit within. Must it be so predictable, and why us? “But watchTowr, what do you mean?”
Well, if you’re here, you likely fit into one of
https://labs.watchtowr.com/citrixbleed-to-infinity-and-beyond-citrix-netscaler-pre-auth-memory-overread-cve-2026-8451/
🎖@malwr | 353 |
| 8 | TuncorReUnion/TLAC-MODERN-LOCAL-ANTI-CHEAT-REUNIONED: This Anti-Cheat is local server based and fully open source. it's user space
https://github.com/TuncorReUnion/TLAC-MODERN-LOCAL-ANTI-CHEAT-REUNIONED
🎖@malwr | 475 |
| 9 | Chaelsoo/Hollow
https://github.com/Chaelsoo/Hollow
hollow is a shellcode loader generator. You give it a raw shellcode binary and a profile, and it spits out a compiled Windows PE loader with your shellcode encrypted inside.
🎖@malwr | 424 |
| 10 | Mustang Panda targets India's government and energy sectors with ZOHOMURK and MINIRECON
Acronis Threat Research Unit (TRU) has been tracking two concurrent campaigns orchestrated by Mustang Panda targeting Indian government entities, delivering new malware implants and abusing Zoho WorkDrive, a legitimate cloud storage platform commonly used in the Indian government sector.
https://www.acronis.com/en/tru/posts/mustang-panda-targets-indias-government-and-energy-sectors/
🎖@malwr | 450 |
| 11 | TONResolver RAT Abuses TON Blockchain to Target Japan's Hotel Industry
In this blog entry, TrendAI™ Research examines a wave of phishing emails observed in May 2026 that targeted Japanese accommodation facilities using Booking.com, detailing the victims, attack techniques used, and characteristics of the malware involved.
https://www.trendmicro.com/en_us/research/26/f/tonresolver.html
🎖@malwr | 365 |
| 12 | Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037)
Welcome back to another watchTowr Labs blog post.
This time, we're looking at Progress Kemp LoadMaster, a load balancer that sits at the edge of a lot of enterprise networks. Edge appliances have a habit of becoming the way in rather than the thing keeping people out, and CVE-
https://labs.watchtowr.com/enterprise-tech-in-shell-out-progress-kemp-loadmaster-uninitialized-heap-to-pre-auth-rce-cve-2026-8037/
🎖@malwr | 356 |
| 13 | Anatomy of a WHQL-Signed Windows Filtering Platform (WFP) Kernel-Resident Network Backdoor - Nextron Systems
https://www.nextron-systems.com/2026/06/26/anatomy-of-a-whql-signed-windows-filtering-platform-wfp-kernel-resident-network-backdoor/
🎖@malwr | 342 |
| 14 | Adham504/iocforge: An advanced, production-ready Threat Intelligence utility that extracts Indicators of Compromise (IoCs) from many file formats, removes false positives, enriches them with live Threat Intelligence APIs, and produces rich JSON / CSV / HTML / summary reports.
https://github.com/Adham504/iocforge
🎖@malwr | 481 |
| 15 | dantiicu/wine-nx: Experimental Wine runtime for Nintendo Switch: AArch64 Windows PE loading, Horizon/libnx integration, win32u USER/GDI bring-up, software framebuffer display, touch input, and early Notepad GUI support.
https://github.com/dantiicu/wine-nx
🎖@malwr | 516 |
| 16 | zenniskayy2k4/xAI-in-Malware-Detection: An AI-Powered Malware Detection Framework with MCP Integration
https://github.com/zenniskayy2k4/xAI-in-Malware-Detection
🎖@malwr | 536 |
| 17 | manikandantn68/window-persistence-Privilege-Escalation: A complete hands-on reference of 46 Windows persistence techniques used by real-world APT groups. Each technique includes MITRE ATT&CK TTP mapping, known threat actor attribution, attack commands, verification steps, and cleanup — organized from No-Admin to Admin level. Built for red teamers, malware analysts, and cybersecurity learners.
https://github.com/manikandantn68/window-persistence-Privilege-Escalation
🎖@malwr | 485 |
| 18 | Ethan-Andrews/Exploitarium-Detections: KQL detection rules for Microsoft Sentinel and Defender XDR covering the bikini/exploitarium anonymous disclosure — a personal research archive of 15 distinct vulnerability targets across 109 tracked files, released without vendor notification on June 23, 2026.
https://github.com/Ethan-Andrews/Exploitarium-Detections
🎖@malwr | 450 |
| 19 | diabloidyobane/BlindSpot: Reverse engineering a manually-mapped commercial cheat DLL in The Division 2. Documents the pe-sieve enumeration Blindspot (MEM_PRIVATE + header wiping). Anti-cheat safe — read-only Windows APIs only, no debugger, no injection. Pure Python. Includes the reconstructed PE, IDA database, scripts, and an academic paper of the workflow.
https://github.com/diabloidyobane/BlindSpot
🎖@malwr | 545 |
| 20 | Dissecting Apple's Sparse Image Format (ASIF) | schamper.dev
At WWDC 2025, Apple announced macOS 26 Tahoe. One of the new features in macOS Tahoe is a new disk image format: ASIF. Designed for use with virtual machines (its documentation lives under the Virtualization framework), ASIF takes a lot of inspiration from existing virtual disk formats. Practically, that means it’s another sparse virtual disk format, and functions very similar to sparse VMDK, VHDX or QCOW2 files (for the uninitiated, it allow you to store a large disk, or file, in a smaller, “sparse” manner).
https://schamper.dev/dissecting-apples-sparse-image-format-asif/
🎖@malwr | 543 |
Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
