RoadK1ll functions as a lightweight reverse tunneling implant, designed to blend into normal network traffic and transform an infected machine into a relay point for attackers.
Security Affairs reports that multiple China-linked threat groups executed a complex cyber campaign against a Southeast Asian government in 2025, employing a diverse array of malware and advanced techniques to achieve persistent access and exfiltrate sensitive data.
The campaign, attributed to the Chinese cybercrime group Silver Fox, encompasses a wide range of applications including VPN clients, encrypted messengers, video conferencing tools, and e-commerce software.
The BlankGrabber malware has been compromising Windows systems more stealthily by exploiting a counterfeit certificate holder to conceal its multi-stage Rust and Python attack chain, GBHackers News reports.
Attacks deploying the newly emergent Python-based Infiniti Stealer malware have been aimed at macOS devices as part of a new ClickFix campaign, reports SecurityWeek.
Threat actors have leveraged bogus VS Code security alerts to compromise GitHub developers with malware as part of a large-scale scam operation, according to BleepingComputer.
The Shai-Hulud worms that exploited automatic updates in open-source software repositories may be only the beginning, two researchers said at RSAC 2026.