Estimated reading time: 9 minutes
During our recent investigation at Seqrite Labs, we identified a sophisticated variant of Masslogger credential stealer malware spreading through .VBE (VBScript Encoded) files. Initially, the variant appeared to be a typical script-based threat, but upon deeper analysis it turned...
Estimated reading time: 3 minutes
Security Flaws in eMagicOne Store Manager for WooCommerce in WordPress (CVE-2025-5058 and CVE-2025-4603) The eMagicOne Store Manager for WooCommerce plugin is in WordPress used to simplify and improve store management by providing functionality not found in the normal WooCommerce...
Estimated reading time: 10 minutes
Operation DRAGONCLONE: Chinese Telecommunication industry targeted via VELETRIX & VShell malware. Contents Introduction Initial Findings Infection Chain. Technical Analysis Stage 0 – Malicious ZIP File. Stage 1 – Malicious VELETRIX implant. Stage 2 – Malicious V-Shell implant. Hunting and...
Estimated reading time: 14 minutes
Unveiling Swan Vector APT Targeting Taiwan and Japan with varied DLL implants. Introduction Initial Findings. Looking into the decoy. Infection Chain. Technical Analysis. Stage 1 – Malicious LNK Script. Stage 2 – Malicious Pterois Implant. Stage 3 – Malicious...
Estimated reading time: 4 minutes
Security Flaw in Yelp Help Viewer (CVE-2025-3155) Yelp is the default help browser in GNOME-based Linux distributions, including widely used systems such as Ubuntu, Fedora and Debian etc. It is responsible for rendering help documentation written in the Mallard...
Estimated reading time: 8 minutes
Kimsuky: A Continuous Threat to South Korea with Deceptive Tactics Contents Introduction Infection Chain Initial Findings Campaign 1 Looking into PDF document. Campaign 2 Looking into PDF document. Technical Analysis Campaign 1 & 2 Conclusion Seqrite Protection MITRE ATT&CK...Estimated reading time: 10 minutes
Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs. Contents Introduction Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious RAR File Stage 2 –...
Estimated reading time: 6 minutes
SnakeKeylogger – A Multistage Info Stealer Malware Campaign Info-stealer malware has become a growing threat, with attackers constantly refining their techniques to evade detection. Among these threats, SnakeKeylogger has emerged as one of the highly active credential-stealing malware, targeting...
Estimated reading time: 7 minutes
New Steganographic Campaign Distributing Multiple Malware Recently we have observed multiple stealer malware such as Remcos, DcRAT,AgentTesla, VIPKeyLogger, etc. distributed through a steganographic campaign. On tracing the roots, the campaign has been around for a while but has not...
Estimated reading time: 3 minutes
Beyond Passwords: Is Your System Truly Secure? The cybersecurity landscape is constantly evolving, with traditional methods of securing user accounts—such as passwords—proving increasingly inadequate against the growing sophistication of cyberattacks. In response, authentication systems that go Beyond Passwords, i.e.,...