Trustwave SpiderLabs uncovered a resurgence of a malicious campaign in February 2025. The attack involves tricking users, via fake CAPTCHA verifications on compromised websites, into executing a multi-stage chain of PowerShell commands to deliver malware. The malware – Lumma and Vidar, are used to steal sensitive data from infected systems. The attackers use multiple techniques, such as large file sizes, to evade detection. Trustwave advises organizations to be vigilant against deceptive CAPTCHA prompts.
Chinese Hackers Target European Diplomats with Malware
MirrorFace, a threat actor tied to Chinese cyberespionage, has expanded its activity outside East Asia, targeting a European organization with updated hacking tools. Researchers from
