Topic: command control
-
Microsoft: SesameOp Malware Exploits OpenAI API in Attacks
Microsoft discovered the SesameOp backdoor, which exploits the OpenAI Assistants API as a covert command-and-control channel to maintain persistent access in compromised systems. The malware evades detection by using legitimate cloud services for communication, blending malicious traffic with nor...
Read More » -
Russian Hackers Hide Malware in Linux VMs Using Hyper-V
The Russian cyber-espionage group Curly COMrades uses Microsoft's Hyper-V to hide malware in concealed Linux virtual machines, evading standard security measures and targeting entities aligned with Russian interests. Attackers deploy a minimal Alpine Linux VM hosting custom tools like CurlyShell ...
Read More » -
Abu Dhabi's RAAD Smart Vehicle: AI-Powered Emergency Response
Abu Dhabi has launched the RAAD smart vehicle, a multi-mission platform integrating AI, robotics, and drones to enhance emergency response, marking a regional first in comprehensive emergency technology. The vehicle supports strategic goals to improve response efficiency and on-site command, alig...
Read More » -
Inside the PureRAT Attack: From Info Stealer to Full Control
A sophisticated cyberattack begins with phishing emails using sideloading techniques to deploy malware, escalating from credential theft to deploying the full-featured PureRAT remote access trojan for complete system control. The campaign employs multiple layers of obfuscation, including custom c...
Read More » -
Gambling Network Secretly Doubles as Cybercrime Infrastructure
A long-running cybercrime network, active since around 2011, disguises itself as an illegal online gambling service while operating a massive malware and command-and-control infrastructure primarily targeting Indonesian citizens. The operation uses an extensive network of over 328,000 domains, hi...
Read More » -
Private Firm to Test Space Weapon in Self-Funded Demo
Defense contractors are competing for the Golden Dome missile shield program, a trillion-dollar initiative, and assert that the foundational technologies for an effective homeland defense system already exist within the U.S. industrial base. The main challenge is integrating components into a sea...
Read More » -
China's Salt Typhoon Hackers Target European Telecoms
A China-linked cyber espionage group known as Salt Typhoon is targeting European telecommunications providers to infiltrate critical infrastructure for intelligence gathering and surveillance. The attackers exploited a Citrix NetScaler Gateway vulnerability, deployed the SNAPPYBEE backdoor via DL...
Read More » -
North Korean Hackers Exploit Seoul Intelligence Files
A sophisticated spear-phishing campaign, attributed to North Korean-linked APT37, targeted South Korean intelligence and government personnel using deceptively authentic documents as bait. The operation unfolded in two phases: one distributing a malicious file disguised as a trusted newsletter to...
Read More » -
Google: AI-Powered Malware Is Now in Active Use
Google has identified new AI-driven malware families like PromptFlux and PromptSteal that use large language models to dynamically generate malicious scripts, enabling them to evade detection and operate more flexibly. These malware variants employ AI for various malicious purposes, including sel...
Read More » -
DroneShield Enhances Airspace Security with ADS-B Integration
DroneShield has integrated ADS-B technology into its detection ecosystem, enabling clear distinction between conventional aircraft and drone threats for enhanced airspace security. The integration with the DroneSentry-C2 platform provides a unified view of manned and unmanned aerial activities, r...
Read More » -
Uncover Dark Web Threats on Your Network with NDR
Cybersecurity teams combat dark web threats like ransomware and data theft by using Network Detection and Response (NDR) systems to identify hidden clues in network traffic. NDR platforms provide real-time monitoring with AI and machine learning to detect malicious activities, reduce response tim...
Read More » -
Beware: Spyware Poses as Signal and ToTok Messaging Apps
Cybersecurity experts discovered two spyware operations, ProSpy and ToSpy, which impersonate updates for Signal and ToTok to target Android users, particularly in the UAE, through fake websites. These malicious apps steal sensitive data like contacts, messages, and files by tricking users into gr...
Read More » -
Dubai Ports Debuts First Smart Drone System to Boost Safety
The Dubai Ports Authority has launched "Port Eye," an autonomous drone system using AI and 4K thermal imaging to enhance safety, inspections, and environmental monitoring in Dubai's ports. This system significantly reduces inspection times from four hours to fifty minutes and improves efficiency ...
Read More » -
Palmer Luckey's Anduril Debuts EagleEye MR Helmet
Anduril Industries has launched the EagleEye mixed-reality helmet system, integrating AI and sensors with its Lattice platform to enhance soldier capabilities through real-time data and command tools. The system improves situational awareness by displaying live video, detecting threats with rear ...
Read More » -
Chrome Zero-Day Used to Spread LeetAgent Spyware
A zero-day vulnerability in Google Chrome (CVE-2025-2783) was exploited via phishing in Operation ForumTroll, allowing attackers to escape Chrome's sandbox and deploy spyware developed by Memento Labs. The attack delivered LeetAgent spyware, which executed commands, stole files, and communicated ...
Read More » -
North Korean Lazarus Hackers Target European Defense Firms
North Korea's Lazarus hacking group targeted European UAV defense firms through a deceptive recruitment campaign called Operation DreamJob, aiming to steal military drone technology. The attackers used trojanized applications and DLL sideloading to deploy the ScoringMathTea RAT, granting extensiv...
Read More » -
Hytera's AI Innovations Shine at GITEX 2025
Hytera showcased its leadership in AI-driven mission-critical communications at GITEX GLOBAL 2025, emphasizing solutions for public safety, energy, transportation, and enterprise sectors through live demonstrations and product launches. The company introduced flagship products like the P60 Smart ...
Read More » -
Google Defends Bumpy Gemini AI Launch as Successful
Google's Gemini AI voice assistant rollout for smart speakers is facing user-reported issues with basic commands and smart home device control, despite the company labeling the initial launch as successful. The assistant is designed to be a significant upgrade with more conversational abilities a...
Read More » -
eScan Server Breach Delivers Malicious Software Update
eScan antivirus software experienced a supply chain attack where a compromised regional update server distributed a malicious file to a limited number of customers during a specific window in January 2026. The malicious update delivered a tampered component that established persistence, executed ...
Read More » -
Skuld Infostealer Exploits WSUS Flaw (CVE-2025-59287)
A critical remote code execution vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) is being actively exploited, allowing attackers to install information-stealing malware on unpatched systems. The flaw stems from unsafe deserialization of untrusted data, enabling unauthentic...
Read More » -
Android Malware Grants Attackers Remote Hands-On Control
Klopatra is a new Android banking trojan that has infected over 3,000 devices in Europe by posing as a legitimate IPTV/VPN app, granting attackers full remote control to monitor screens and steal financial data. The malware, developed by a Turkish-speaking group, uses overlay attacks, VNC for hid...
Read More » -
CISA Warns of Rising Bulletproof Hosting Threat
CISA and global partners have released a guide to help combat bulletproof hosting, which enables ransomware, phishing, and other cybercrimes by ignoring legal complaints and aiding criminal anonymity. The guide recommends defensive measures like identifying malicious resources, improving traffic ...
Read More » -
Microsoft GoAnywhere Bug Fuels Medusa Ransomware Attacks
A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere platform allows unauthenticated attackers to execute remote code, prompting urgent patching and removal of internet exposure. The flaw was exploited as a zero-day by Storm-1175, who used legitimate tools for reconnaissance and deplo...
Read More » -
CISA Alerts: Akira Ransomware Now Targets Linux, Nutanix VMs
The Akira ransomware group has expanded to target Linux systems and Nutanix AHV virtual machines, exploiting vulnerabilities like CVE-2024-40766 and encrypting .qcow2 disk files to increase their impact. Attackers use stolen credentials and tools like AnyDesk and Impacket for initial access, late...
Read More »