The cybersecurity incident was detected on July 3, 2025, prompting Ingram Micro to launch an investigation with the assistance of cybersecurity experts.
HackRead reports that U.S. government agencies and European critical infrastructure entities accounted for most of the 469 devices infected with a more clandestine version of the CastleLoader malware loader.
More than 18,000 active command-and-control servers across 48 hosting providers have been tapped by Chinese threat actors to facilitate malware compromise, accounting for nearly 84% of all nefarious cyber activity in Chinese hosting environments over the last three months, according to Cyber Security News.
A sophisticated cybersecurity threat, initially identified as the GhostPoster browser extension, has evolved into a significant concern for users unaware of its hidden capabilities.
Attackers have been leveraging a DLL side-loading flaw in a binary linked with the open-source c-ares library to deploy various illicit payloads, including Agent Tesla, XWorm, DCRat, Remcos RAT, Vidar Stealer, Lumma Stealer, Formbook, and CryptBot, as part of an ongoing malware campaign, The Hacker News reports.
