Blockchain-Driven Open-Source Malware Ethereum Contracts Direct npm and GitHub Attacks

Introduction

This analysis examines a novel supply chain attack that combines malware, blockchain, npm, GitHub, open source, payloads, Ethereum contracts, fake repositories, trust abuse, and rotation. Security researchers uncovered a campaign in which attackers embed obfuscated scripts in npm packages that consult Ethereum contracts to locate secondary payloads. The technique turns blockchain state into a dynamic control plane for malware and uses fabricated repository activity to exploit trust in open-source ecosystems.


Redoracle Team | 9/5/25 | News | Tags: malware, blockchain, npm, github, opensource, supply-chain, payloads, ethereum, contracts, fake-repositories, trust-abuse, rotation | About 5 min

Automated Sextortion Spyware Stealerium Turns Porn Viewing Into Webcam Evidence

Introduction

Automated Sextortion Spyware Stealerium Turns Porn Viewing Into Webcam Evidence explores a rising cybercrime vector that combines privacy invasion with credential theft. This analysis synthesizes reporting and community discussion to explain what the threat is, how it operates at a high level, who is at risk, and what defensive measures individuals and organizations can take. Keywords informing this article include privacy, webcam, extortion, infostealer, data-exfiltration, credentials, cookies, phishing, drive-by-download, malware, windows, adult-content, breach, account-takeover, surveillance, automation.


Redoracle Team | 9/4/25 | News | Tags: privacy, webcam, extortion, infostealer, data-exfiltration, credentials, cookies, phishing, drive-by-download, malware, windows, adult-content, breach, account-takeover, surveillance, automation | About 4 min

Unmasking SoupDealer Cybersecurity's Newest Threat

Introduction

In early August 2025, cybersecurity teams in Türkiye uncovered a new Java-based malware loader named SoupDealer. This malware managed to evade detection by all public sandboxes, antivirus solutions, and enterprise EDR/XDR platforms. It was part of a phishing campaign targeting Turkish users, distributing a three-stage loader via files named 'TEKLIFALINACAKURUNLER.jar'.


Redoracle Team | 8/12/25 | News | Tags: malware, evasion techniques, phishing campaign, cybersecurity threats | About 2 min

Unveiling SVG Malware Threats

Introduction

The exploitation of SVG files for malicious purposes, particularly in the context of adult websites and social media manipulation, poses significant cybersecurity threats. This article delves into the analysis of SVG exploits in adult sites and their implications, shedding light on the mechanisms of these attacks and the role of social engineering in spreading malware.


Redoracle Team | 8/11/25 | News | Tags: malware, social engineering, SVG files, cyber threats, social media manipulation | About 2 min

Emerging Cyber Threats Speedify VPN and Raspberry Robin

Introduction

The cybersecurity landscape is constantly evolving, with new threats emerging that target vulnerabilities in popular software and exploit advanced evasion techniques. In this article, we delve into two significant cyber threats: the macOS vulnerability in Speedify VPN and the Windows-targeting malware known as Raspberry Robin. These threats underscore the importance of staying vigilant against cyber attacks and the critical need for software updates to mitigate risks effectively.


Redoracle Team | 8/7/25 | News | Tags: vulnerability, malware, evasion techniques, software updates | About 2 min