CyberSecurityBoard
Sponsor Register Login

Xworm malware resurfaces with ransomware module, over 35 plugins

The Xworm malware has made a significant comeback, now equipped with a ransomware module and boasting over 35 plugins. This resurgence marks a notable evolution in the malware's capabilities, making it a more formidable threat to cybersecurity. Originally known for its remote access trojan (RAT) functionalities, Xworm has expanded its arsenal to include ransomware features, allowing attackers to encrypt victims' files and demand payment for decryption. The malware's extensive plugin system enhances its versatility, enabling it to perform a wide range of malicious activities beyond ransomware, such as data theft, system manipulation, and persistence mechanisms. This development underscores the increasing sophistication of cyber threats and the need for robust security measures. Organizations and individuals are urged to stay vigilant, update their security solutions, and be cautious of suspicious emails and downloads that could serve as infection vectors. The Xworm case exemplifies how malware authors continuously adapt and enhance their tools to evade detection and maximize impact, highlighting the critical importance of proactive threat intelligence and incident response strategies in today's cybersecurity landscape.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 06 Oct 2025 11:45:16 +0000


Cyber News related to Xworm malware resurfaces with ransomware module, over 35 plugins

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
7 months ago Cybersecuritynews.com
XWorm - The Most Active RAT Uses New Stagers and Loaders to Bypass Defenses - This sophisticated malware has evolved far beyond traditional RAT capabilities, incorporating advanced features including keylogging, remote desktop access, data exfiltration, and command execution that make it particularly attractive to threat ...
3 months ago Cybersecuritynews.com LockBit
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
6 months ago Cybersecuritynews.com
Xworm malware resurfaces with ransomware module, over 35 plugins - The Xworm malware has made a significant comeback, now equipped with a ransomware module and boasting over 35 plugins. This resurgence marks a notable evolution in the malware's capabilities, making it a more formidable threat to cybersecurity. ...
2 days ago Bleepingcomputer.com
New Xworm V6 Variant Injects Malicious Code - The cybersecurity landscape has witnessed the emergence of a new variant of the Xworm malware, dubbed Xworm V6, which is capable of injecting malicious code into targeted systems. This variant represents an evolution in the malware's capabilities, ...
5 days ago Cybersecuritynews.com
Developer Accounts Compromised Due to Credential Reuse in WordPress.org Supply Chain Attack - On June 24th, 2024, the Wordfence Threat Intelligence Team became aware of a WordPress plugin, Social Warfare, that was infected with malware through the WordPress repository. We immediately notified the WordPress Plugin's Team and they removed the ...
1 year ago Wordfence.com
New XWorm V6 Variant’s With Anti-Analysis Capabilities Attacking Windows Users in The Wild - This protection mechanism, combined with its registry-based persistence and memory-only execution, creates a formidable challenge for both automated security tools and manual incident response efforts, highlighting the continued evolution of modern ...
2 months ago Cybersecuritynews.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
1 year ago Pandasecurity.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa
3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords - Update #1: As of 12:36PM EST, another plugin has been infected. We've updated the list below to include this fourth plugin and the plugins team has been notified. Update #2: As of 2:20 PM EST, two more plugins appear to have malicious commits the ...
1 year ago Wordfence.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com
VX-Underground malware collective framed by Phobos ransomware - A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor. Phobos launched in 2018 in what is believed to be a ransomware-as-a-service derived from the ...
1 year ago Bleepingcomputer.com Qilin Cactus Black Basta
PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
1 year ago Securityintelligence.com
How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
1 year ago Pandasecurity.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
1 year ago Bleepingcomputer.com LockBit Akira Noescape
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
1 year ago Malwarebytes.com Scattered Spider LockBit
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
1 year ago Feeds.fortinet.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
1 year ago Bleepingcomputer.com LockBit Inc ransom Black Basta
Top 10 Best Dynamic Malware Analysis Tools in 2025 - FireEye Malware AnalysisEnterprise-grade solution, zero-day detection, integration with threat intelligence, memory forensics.Enterprise-grade malware detection and forensicsPricing details not publicly available; contact for quote.Yes6. Detux ...
7 months ago Cybersecuritynews.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
1 year ago Bleepingcomputer.com LockBit BianLian Akira Cactus
Hackers abuse WordPress MU-Plugins to hide malicious code - Hackers are utilizing the WordPress mu-plugins ("Must-Use Plugins") directory to stealthily run malicious code on every page while evading detection. However, because MU-plugins run on every page load and don't appear in the standard plugin list, ...
6 months ago Bleepingcomputer.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)