Tuoni
- Kaspersky links new Operation ForumTroll phishing wave to targeted attacks on Russian academics
  Kaspersky detected a targeted October 2025 phishing campaign tied to Operation ForumTroll that used eLibrary impersonation and personalized one‑time links to deliver a PowerShell chain and the Tuoni remote access framework to academics in Russia; the group’s origins remain unknown.
- Researchers detail use of Tuoni C2 in attack on U.S. real-estate firm
  Researchers said attackers used the Tuoni C2 framework in a mid-October 2025 intrusion attempt against a U.S. real-estate firm, employing social engineering, PowerShell downloaders, BMP steganography and in-memory execution; the campaign was detected and blocked.


