Cyber attackers are using business applications, including DeepSeek, AutoCAD, and UltraViewer, to spread backdoors for remote access. One of the three pieces of malware used is TookPS, first identified by Kaspersky in March. The campaign mimics several brands and offers free downloads of different software; these downloads actually install the TookPS loader, allowing the attackers to carry out command-and-control actions. The fake software sites have received significant exposure and have also been spread through malvertising on Google Ads.

Black Basta-like Microsoft Teams phishing leads to novel backdoor
A phishing campaign exploiting Microsoft Teams has been discovered deploying a unique PowerShell backdoor. Cybersecurity firm ReliaQuest identified an attack technique previously unseen in the