Trellix

XWorm backdoor resurfaces with ransomware module and dozens of plugins

Cybercrime, News, Research, Vulnerabilities

October 6, 2025

Researchers at Trellix told BleepingComputer that new XWorm variants 6.0, 6.4 and 6.5 are circulating in phishing campaigns, include more than 35 plugins and a ransomware module that encrypts user files and drops ransom instructions.
DoNot APT Group Launches Cyber Espionage Attack on European Foreign Affairs Ministry

Cybercrime, News, Policy, Vulnerabilities

July 12, 2025

The DoNot APT group has launched a sophisticated cyber espionage attack on a European foreign affairs ministry, marking a significant expansion beyond its traditional focus on South Asia, according to researchers at Trellix.