WordPress users beware - GootLoader strikes again, using font hack to spread malware

In the new campaign, Gootloader was most likely leveraged by a group known as Storm-0494, as well as its downstream operator, ...
SecurityWeek

Critical Triofox Vulnerability Exploited in the Wild

A threat actor exploited a critical vulnerability in Triofox to obtain remote access to a vulnerable server and then achieve code execution.
The Hacker News

Iranian Hackers Launch 'SpearSpecter' Spy Operation on Defense & Government Targets

Iran’s APT42 launches SpearSpecter campaign using TAMECAT malware, targeting defense and government officials.

Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines

This investigation, conducted with support from the Georgian CERT, uncovered new tools and techniques used by the Curly COMrades threat actor. It established covert, long-term access to victim ...

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response ...
CSO Online

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive ...
The Hacker News

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

"The proliferation of cybercrime services supporting each step of the Booking.com attack chain reflects a professionalization ...
Infosecurity Magazine

Akira Ransomware Haul Surpasses $244M in Illicit Proceeds

Akira ransomware has extorted $244M since September 2025, with some attacks exfiltrating data in just two hours, a joint cybersecurity advisory warns ...

How a CPU spike led to uncovering a RansomHub ransomware attack

A sudden CPU spike turned out to be the first clue of an in-progress RansomHub ransomware attack. Varonis breaks down how ...

Email Threat Radar – November 2025

Over the last month, Barracuda threat analysts have seen the following notable developments in email-based threats targeting ...
Infosecurity Magazine

Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product

Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud ...