Researchers have uncovered a new strain of the advanced KoiLoader malware, believed to be distributed through phishing emails posing as bank statements. The malware employs PowerShell scripts in Windows shortcut files to evade conventional security detection. It carries the Koi Stealer virus, capable of stealing sensitive information. Experts advise disabling wscript.exe via AppLocker, closely monitoring PowerShell execution logs, and deploying behaviour-based detection tools to counter these types of threats.
Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is
