Cybersecurity researchers at ESET have discovered a new Linux backdoor named WolfsBane, attributed to the Gelsemium advanced persistent threat (APT) group. This is the first reported instance of Gelsemium using Linux malware, signalling a change in strategy. WolfsBane is designed for cyberespionage, targeting system information, user credentials and specific files while maintaining persistent access and avoiding detection. A similar Linux backdoor named FireWood was also found, although its connection to Gelsemium is uncertain.
Rising ClickFix malware distribution trick puts PowerShell IT policies on notice
A cyber-espionage group known as UAC-0050 has used the ClickFix technique to launch a phishing campaign in Ukraine. Using fake notifications about shared documents, users
