Russia-linked espionage group Shuckworm is targeting a Western military mission in Ukraine using more complex malware tools. The group is shifting towards PowerShell-based tools for stealth and persistence. The initial infection appears to come from infected removable drives. Shuckworm deployed the updated version of GammaSteel infostealer designed to extract sensitive data from targeted networks. The group has been active since 2013, targeting Ukrainian government, law enforcement, and defense organizations.
DPRK Hackers Exploit LinkedIn to Infect Developers with Infostealers
North Korean hacking group Slow Pisces is using malicious coding challenges on LinkedIn to target cryptocurrency project developers, according to cybersecurity researchers at Unit 42.
