Bitdefender
-
Microsoft urges coordinated disclosure after public zero-day releases
Microsoft said public disclosure of six Windows zero-days without prior notice put customers at risk, after exploit details surfaced over the past month and three of the flaws were later used in active attacks.
-
Qilin ransomware deployed in supply-chain attack hits South Korean financial firms
Security researchers say a supply‑chain compromise of a managed service provider enabled Qilin ransomware to hit multiple South Korean financial firms in September 2025, stealing more than 1 million files and about 2 TB of data in a campaign researchers call “Korean Leaks.”
-
Researchers: Russian-linked group used Hyper-V to hide Alpine VM and bypass endpoint security
Bitdefender and Georgia CERT say Curly COMrades abused Hyper-V to run a hidden Alpine VM hosting custom implants CurlyShell and CurlCat, bypassing endpoint security and using host networking to mask malicious traffic; researchers published IoCs on GitHub.
-
Curly COMrades APT Targets Georgia and Moldova, Leveraging Ngen for Persistence, Bitdefender Warns
A new cyber espionage campaign attributed to the Curly COMrades threat actor targets Georgia and Moldova, leveraging a mix of legitimate tools and a bespoke backdoor to establish long-term access and exfiltrate credentials, according to Bitdefender.
-
RedCurl Cyberspies Adopt Ransomware Tactics Targeting Hyper-V Servers
RedCurl, a cyber-espionage group known for corporate intrusions, has shifted tactics by deploying ransomware designed to encrypt Hyper-V virtual machines. This significant evolution in their operational strategy raises concerns about their intentions and operational objectives.





