Cybersecuritynews
XWorm RAT Campaign Utilizes Phishing and CVE-2018-0802 Exploit
First seen 13 Feb 2026, 12:09 UTC
•

•83% similarity
•48.7
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A new phishing campaign has been detected distributing an updated variant of the XWorm Remote Access Trojan (RAT), which exploits CVE-2018-0802 to evade detection. This campaign targets Microsoft Windows systems and is actively traded in Telegram marketplaces, affecting numerous users since its first tracking in 2022.
ThreatCluster AI
Timeline
2018-02-13
CVE-2018-0802 published
2022-01-01
XWorm first tracked
2026-02-13
New XWorm RAT campaign reported