Cybersecurity researchers at CloudSEK have exposed an attack campaign targeting aspiring hackers. The operation involves a weaponized version of the XWorm Remote Access Trojan (RAT) builder, primarily distributed through GitHub and other online platforms. The malware, once installed, performs harmful activities including data exfiltration, remote command execution, and File encryption for ransomware operations. The campaign has compromised over 18,459 devices worldwide, particularly in Russia, the US, India, Ukraine, and Turkey.
Threat Actors Exploit Government Website Vulnerabilities For Phishing Attacks
Cybercriminals are exploiting vulnerabilities in government websites, using .gov domains for phishing campaigns. A report highlights how nearly 60% of abused domains included a specific
