Security researchers at Mandiant have discovered a new malware campaign that abuses Ars Technica and Vimeo to host hidden data. Cybercriminals uploaded an innocent-looking image of a pizza to Ars Technica and a video to Vimeo, each with encoded data hidden in its description. Infected devices retrieved the encoded data and used it to launch the malware’s second phase. The attacks are believed to originate from a financially motivated threat actor known as UNC4990.
