New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

Updated on June 18, 2025

A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails.
The ongoing campaign has been codenamed SERPENTINE#CLOUD by Securonix.
It leverages “the Cloudflare Tunnel infrastructure and Python-based loaders to deliver memory-injected payloads through a chain of shortcut files and obfuscated…

Read the rest of the story at Read More

Source: The Hacker News

July 3, 2025 Uncategorized

Over 40 Malicious Firefox Extensions Tar...

June 2, 2025 Uncategorized

⚡ Weekly Recap: APT Intrusions, AI Mal...

June 3, 2025 Uncategorized

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

Related posts

Over 40 Malicious Firefox Extensions Tar...

⚡ Weekly Recap: APT Intrusions, AI Mal...

Critical 10-Year-Old Roundcube Webmail B...

Leave a Comment Cancel reply

Recent News

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do