ZCyberNews
中文

#rat

8 articles

This archive collects 11 articles tagged rat published between April 13, 2026 and April 26, 2026, giving security teams a focused view of how this topic has appeared across ZCyberNews coverage. Observed actor references include CrystalX, Mirax, and REF6598, presented only where the underlying article metadata supports the attribution. The affected-scope signals emphasize cryptocurrency, financial-services, and software development across Europe, Global, and Latin america, helping readers compare exposure patterns without adding claims beyond the archive data. Severity coverage includes 1 critical, and 10 high reports.

Axios npm Supply Chain Attack Delivers Cross-Platform RATCRITICAL
Malware

Axios npm Supply Chain Attack Delivers Cross-Platform RAT

Elastic Security Labs details a supply chain compromise of the axios npm package that deployed a unified RAT across platforms, impacting an unknown number of downstream…

2 min read
CrystalX RAT Combines Spyware, Stealer, and Prankware in MaaS OfferingHIGH
Malware

CrystalX RAT Combines Spyware, Stealer, and Prankware in MaaS Offering

Kaspersky details CrystalX RAT, a MaaS malware with spyware, credential theft, and prankware features targeting Windows users globally since mid-2025.

3 min readCrystalX
Mirax Android RAT Infects 220,000 Users via Meta Ads, Creates SOCKS5 ProxyHIGH
Malware

Mirax Android RAT Infects 220,000 Users via Meta Ads, Creates SOCKS5 Proxy

Mirax Android RAT reached over 220,000 users via Meta ads, turning infected devices into SOCKS5 proxies for threat actors to route malicious traffic and steal data from Spanish-speaking victims.

3 min readMirax
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted AttacksHIGH
Malware

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Attacks

Threat actors are abusing the Obsidian note-taking app to deliver the novel PHANTOMPULSE RAT via malicious plugins, targeting individuals in finance and cryptocurrency sectors in a campaign tracked as REF6598.

4 min read
Mirax Android RAT Steals Credentials, Enslaves Phones for Proxy NetworkHIGH
Malware

Mirax Android RAT Steals Credentials, Enslaves Phones for Proxy Network

The Mirax Android RAT steals banking credentials and covertly turns infected devices into residential proxy nodes for criminal traffic, creating a dual-threat mobile botnet.

4 min read
CPUID Software Downloads Compromised, Delivered STX RAT MalwareHIGH
Malware

CPUID Software Downloads Compromised, Delivered STX RAT Malware

Threat actors compromised CPUID's download infrastructure for six hours, redirecting users to malicious sites serving the STX RAT. Official signed files were not affected.

3 min read
Fake Claude AI Website Delivers PlugX RAT via DLL SideloadingHIGH
Malware

Fake Claude AI Website Delivers PlugX RAT via DLL Sideloading

A fraudulent website impersonating Anthropic's Claude AI distributes a self-deleting installer that deploys the PlugX remote access trojan via DLL sideloading.

4 min read
Obsidian Plugin Ecosystem Abused to Deliver PhantomPulse RAT in Targeted CampaignHIGH
Malware

Obsidian Plugin Ecosystem Abused to Deliver PhantomPulse RAT in Targeted Campaign

REF6598 threat group weaponizes Obsidian notes plugins to drop the PhantomPulse RAT on fintech and crypto professionals — TTP breakdown, IOCs, and what security teams should look for.

4 min readREF6598

Stay Updated

Get the latest cybersecurity news delivered to your inbox.