RAT
Lazarus RemotePE: Memory-Only RAT Behind $577M Crypto Theft Surfaces in Fox-IT Disclosure
Fox-IT and The Hacker News detail RemotePE, a fileless C++ RAT used by North Korea's Lazarus Group against fintech and crypto firms via a DPAPI-bound loader chain. Tied to $577M in 2026 crypto theft.
CPUID Website Compromised to Deliver STX RAT via CPU-Z and HWMonitor Downloads
Attackers compromised CPUID's download infrastructure for ~19 hours, replacing CPU-Z and HWMonitor installers with trojanized builds that sideload STX RAT via a malicious CRYPTBASE.dll.
Axios npm Hijacked: Compromised Maintainer Account Drops Cross-Platform RAT in 100M-Download Package
DPRK-linked UNC1069 compromised the axios npm maintainer's account and published two backdoored versions that deployed the WAVESHAPER.V2 RAT to macOS, Windows, and Linux — present in ~80% of cloud environments.