AK47 C2
-
Chinese APT deploys EggStreme fileless framework in Philippines attack, Bitdefender says
A Chinese APT group has been linked to compromising a Philippines-based military services company using EggStreme, a new fileless malware framework designed for memory-resident espionage, with a backdoor capable of extensive reconnaissance and data theft.
-
Iranian-aligned group linked to multi-wave spear-phishing targeting embassies worldwide, researchers say
An Iran-linked threat group is behind a coordinated, multi-wave spear-phishing campaign targeting embassies and consulates worldwide, using VBA macro payloads to deploy malware, according to researchers.
-
TamperedChef information stealer emerges in malvertising campaign promoting AppSuite PDF Editor
Cybersecurity researchers have identified a malvertising campaign delivering a backdoored PDF editor, AppSuite PDF Editor, that drops a new information stealer dubbed TamperedChef. The operation leverages Windows Registry persistence, a C2-enabled backdoor, and widespread Google ad campaigns to maximize downloads.
-
Source-code leak exposes ERMAC Android banking trojan infrastructure, researchers say
The ERMAC Android banking trojan v3 source code was leaked online, exposing its backend, panel, and exfiltration infrastructure and signaling an expanded targeting scope of over 700 apps, along with notable operational security lapses that could invite further risk from other threat actors.
-
Storm-2603 Exploits SharePoint Vulnerabilities to Deploy Ransomware
A recent analysis reveals that Storm-2603, a suspected China-based threat actor, is exploiting Microsoft SharePoint vulnerabilities using a bespoke command-and-control framework, deploying ransomware like Warlock and LockBit.
