The new malware family, PLAYFULGHOST, offers keylogging, screen and audio capture, and remote shell access. It is spread via phishing emails or bundled with popular apps. The malware also utilises sophisticated execution techniques such as DLL search order hijacking. Google researchers have provided rules within Google Security Operations to detect this activity.

PipeMagic Trojan Exploits Windows CLFS Zero-Day Vulnerability to Deploy Ransomware
Microsoft reported a now-patched security flaw, CVE-2025-29824, in Windows’ Common Log File System that was exploited in select ransomware attacks against IT and real estate