Despite a global scramble to patch the critical Log4j zero-day vulnerability discovered over two years ago, it remains a persistent threat. Complex software dependencies hinder comprehensive patching, allowing nation-state actors and cybercriminal groups to exploit unpatched systems. In a recent campaign, attackers deployed cryptocurrency miners and installed malicious backdoor scripts to control compromised systems. This highlights the challenge of eradicating longstanding unpatched vulnerabilities.

Counterfeit Android phones are hiding pre-installed malware that can infect every system process
Kaspersky researchers have identified a new strain of the Triada Trojan, pre-installed on counterfeit Android devices. The malware, first identified in 2016, can steal personal