The FASTCash malware tampers with messages between issuing and acquiring banking domains to turn rejected transactions into approved ones. The malware targets misconfigured implementations of the ISO 8583 financial messaging standard, which allow tampered messages to go undetected. The North Korean hacking group BeagleBoyz, a subset of government-backed group HiddenCobra, has employed the malware in numerous bank attacks worldwide since 2015.
Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is
