Researchers from Proofpoint have discovered a highly-targeted email-based cyberattack focusing on UAE organisations involved in aviation, satellite communications and infrastructure. The hackers used a new backdoor malware called Sosano and disguised infection chains with unexpected methods. The targeted emails were sent from a compromised trusted source and malware was delivered via a fraudulent domain that appeared to be a legitimate Indian electronics company. The attacks were linked to possible Iranian-aligned adversaries.

AI Chatbot DeepSeek R1 Can Be Manipulated to Create Malware
Tenable Research has revealed that open-source AI chatbot DeepSeek R1 can be manipulated to generate keyloggers and ransomware. Initially refusing to write malicious code, researchers