Cybersecurity researchers uncovered a large-scale malware campaign that targets individual users and organisations with Trojan-Downloader.Win32.TookPS malware. Fraudulent websites mimicking official download pages lure users into downloading compromised files. The malware manipulates legit software applications such as UltraViewer, AutoCAD, and SketchUp, allowing attackers to gain full control, run arbitrary commands and steal sensitive data. Experts advise avoiding unverified sources, updating security solutions, providing regular security awareness training, and enforcing strict policies against unauthorized installations.
Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is
