CVE Tools
Back to feed
The Hacker News ·EN News source PoC public UAT-11795pepesoft.exeStarland RATWLDR agent

ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

By The Hacker News··12 min read
CVE Tools coverage

This week’s ThreatsDay highlights a surge in malicious activity involving game cheat spyware, fast-spreading ransomware, and new exploit techniques. Researchers discovered 11 malicious NuGet packages posing as game utilities that download a Python payload named pepesoft.exe. Meanwhile, the financially motivated threat group UAT-11795 is distributing Starland RAT and WLDR agent through trojanized installers for popular software like MobaXterm and Zoom. Additionally, a new ransomware family called Spirals encrypted an entire network within 24 hours after breaching an IIS web server. CISA also added two actively exploited vulnerabilities—CVE-2026-46817 and CVE-2023-4346—to its KEV catalog. These developments underscore the importance of patching known flaws and scrutinizing seemingly benign downloads.