A sophisticated backdoor targeting major Russian organizations was discovered in April 2025. It disguises itself as legitimate ViPNet software updates, enabling data theft and the deployment of additional malware. The attack uses a path substitution technique for execution and connects to command-and-control servers for file exfiltration. Experts urge organizations to verify updates and enhance security measures amid rising cyber espionage threats.

Cryptojacking Malware Exploits Docker for Token Mining
A new cryptojacking campaign is targeting Docker environments, exploiting the reward system of Web3 startup teneo.pro instead of relying on typical tools like XMRig. The attackers generate