Posts

New Cyber Attacker Targeting the Banking Sector – Lazarus Group Campaign

Cyber attacks against the banking sector are increasing rapidly, and one of the most dangerous threat actors behind these attacks is the Lazarus Group. This group has been responsible for several high-profile financial cyberattacks worldwide, targeting banks, financial institutions, and cryptocurrency platforms. Security researchers recently observed new campaigns where attackers are using phishing emails, malicious PowerShell scripts, and credential theft techniques to gain access to banking infrastructure. Once inside a network, they attempt to move laterally, escalate privileges, and steal financial data or transfer funds.

🎯 Attack Overview

Target Sector: Banking, Financial services, Cryptocurrency exchanges, Payment gateways
Primary Goal: Financial theft, Credential harvesting, Data exfiltration, Unauthorized fund transfers
Initial Access Method: Spear-phishing emails, Malicious attachments, Social engineering, Fake software updates

⚠️ Key Attack Flow ...

New Cyber Threat: AuraStealer Malware – Explained in Simple Terms

Cyber attacks are growing rapidly around the world. Every year, cybercriminals develop new malware to steal sensitive information from individuals and organizations. One of the emerging threats recently observed by security researchers is AuraStealer, a dangerous information-stealing malware that targets Windows systems. AuraStealer is designed to secretly enter a victim’s computer and steal valuable data such as saved passwords, browser cookies, cryptocurrency wallets, and personal credentials. What makes this malware dangerous is that it often spreads through fake software downloads, cracked applications, and malicious links shared on social media platforms. In simple words, AuraStealer works like a digital spy. Once it infects a system, it quietly collects important data and sends it to the attacker without the user noticing.

How the Attack Works

The attack usually happens in a few simple stages. First, attackers trick users into downloading a malicious file. This file ma...

Hackers Are Tricking People to Hack Their Own Computers

Imagine a hacker doesn’t break into your computer. Instead, they convince you to open PowerShell as an administrator and paste their code yourself. That’s exactly what’s happening in a new cyber-espionage attack uncovered by Microsoft Threat Intelligence — and it’s both clever and dangerous. This attack is being carried out by a North Korean state-backed hacking group called Emerald Sleet, also known as Kimsuky or VELVET CHOLLIMA. Let’s break it down in simple language, so anyone can understand it.

What Is This Attack About?

Instead of sending malware or exploiting software bugs, hackers are using trust and psychology. They:

- Pretend to be government officials
- Build relationships with victims
- Then trick them into running malicious PowerShell commands themselves

No hacking skills required from the victim — just one mistake.

Who Are the Hackers?

Emerald Sleet is a North Korean government-backed cyber-espionage group. They usually spy on: Governme...

HardBit 4.0: The Silent Network Ransomware

Introduction

Ransomware attacks continue to be one of the most dangerous cyber threats facing organizations worldwide. Among the newer and more stealthy threats is HardBit 4.0 ransomware, an upgraded version of a malware family that has been active since 2022. HardBit 4.0 represents a significant evolution in ransomware design. Instead of relying on flashy data leaks or public shaming tactics, this ransomware focuses on quiet persistence, strong encryption, and advanced evasion techniques. Its ability to remain hidden while maintaining long-term access makes it especially dangerous for businesses and enterprises.

What Is HardBit 4.0?

HardBit 4.0 is a file-encrypting ransomware operated by cybercriminals who primarily target poorly secured network services. Unlike many modern ransomware groups, HardBit actors do not operate a public leak site and do not focus on double extortion tactics. Their strategy is simple but effective: encrypt critical systems and dem...

Dead Man’s Switch: A Massive npm Supply Chain Attack That Puts Developer Data at Risk

A major security incident has shaken the JavaScript and open-source ecosystem. GitLab’s Vulnerability Research team recently uncovered a large-scale supply chain attack targeting the npm package ecosystem, one of the most widely used software repositories in the world. This attack doesn’t just steal sensitive information. It carries something far more dangerous: a built-in “Dead Man’s Switch” designed to destroy user data if the attackers lose control. Below is a complete report explaining what happened, how the malware works, who is affected, indicators of compromise, and what organizations must do now.

1. Overview of the Attack

The attack involves a dangerous and evolved malware variant known as Shai-Hulud. Attackers uploaded malicious npm packages that look legitimate on the surface. When a developer installs one of these packages, the malware silently activates and begins its multi-stage attack. The result is a widespread, self-spreading infection that compromises d...