Cybersecurity firm Kaspersky has linked the known threat actor DoNot Team to the use of a new .NET-based backdoor named Firebird, targeting victims in Pakistan and Afghanistan. The attack chains have also been configured to deliver a downloader, named CSVtyrei. The attackers are suspected to be of Indian origin, employing spear-phishing emails and rogue Android apps to spread malware.

Sonatype reports rise in open source malware to 17,954
The 1Q 2025 Open Source Malware Index from Sonatype revealed that open source malware packages doubled compared to the same period last year, with 56%