Cybercriminals are using Skype to disseminate a malware known as DarkGate. DarkGate has been in existence since 2017 and has seen a recent revival in usage. It’s believed this resurgence is due to the malware’s developer leasing it on the dark web. Consequently, hackers have been taking over Skype conversations and sending victims to a SharePoint site to download the malicious file. Once this file is launched, it establishes persistence by dropping a random LNK file into the Windows user startup folder. Across the three observed delivery methods, researchers noted that the majority of targets (41%) were in the Americas.
Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is
