Monday , July 13 2026
rat

APT36 to attack Windows Systems Absuing Google Drive & Slack

ElizaRAT is malware that mainly targets Windows systems and acts as a remote access tool (RAT), allowing attackers to access infected devices without permission. This malware is often distributed through phishing campaigns or malicious downloads.

CheckPoint researchers found that APT36 (aka “Transparent Tribe”) is a Pakistan-based APT group, hackers are targeting high-profile Windows users with ElizaRAT.

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the campaign has been observed globally,...
Read More
CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

ElizaRAT was initially identified in 2023, and since then, it has evolved significantly by incorporating advanced features.The infection chain of ElizaRAT begins with “phishing emails” containing malicious “CPL” files distributed via “Google Storage links.”

It establishes persistence by creating a “unique victim ID,” “setting up working directories in %appdata%,” and deploying secondary payloads like “ApoloStealer.”

      Infection Chain (Source – CheckPoint)

The Checkpoint report states that this stealer component targets sensitive file types (“.doc,” “.pdf,” “.ppt,” “.xls”) and performs “systematic data exfiltration” via encrypted channels.

The malware employs sophisticated evasion techniques like:-

Time zone verification checks for India Standard Time.
Maintains reliability via various C2 communication methods.
Ranging from Slack API calls to Google Cloud Storage service account authentication using X.509 certificates.
Each campaign variant illustrates increasingly sophisticated capabilities while maintaining the core objective of persistent data theft from targeted “Indian institutions.” ‘ConnectX’ is a USB-targeting malware component within the ElizaRAT ecosystem.

click here to read full report.

Check Also

Apple

New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide

Researchers at cybersecurity firm Paradigm Shift found a new flaw called usbliter8. This flaw can …