Malware

A recent attack achieved Domain Controller compromise in just 17 hours.

Windows machines' Hyper-V hypervisors are being targeted by Russia-linked threat operation Curly COMrades to establish a concealed Alpine Linux-based virtual machine enabling long-term network compromise and malware delivery as part of an attack campaign that commenced in July, The Register reports.

Rather than leveraging AI capabilities, the attacker stores commands in Assistant messages.

New BankBot-YNRK, DeliveryRAT Android banking trojans examined Android users could have their devices' data exfiltrated by the new BankBot-YNRK and DeliveryRAT banking trojans, The Hacker News reports.

The AI assistant helped researchers save time, but not without manual intervention.

Cyber gangs use RMM tools to hijack logistics systems, rerouting real cargo for physical theft.

Russia's Interior Ministry has announced that a trio of "young IT specialists" allegedly involved in the development, distribution, and deployment of the Meduza information-stealing malware have been arrested by the Russian National Guard, The Register reports.

Open VSX had a limited number of tokens exposed within the VSCode extensions revoked by project maintainer Eclipse Foundation following a Wiz report detailing the compromise of Open VSX and VSCode extensions with the GlassWorm malware as part of a supply chain intrusion, reports The Hacker News.