An advanced persistent threat (APT) group, known as TA402 and supported by pro-Palestinian entities, has been conducting a phishing campaign against Israeli individuals and organizations. The group has been distributing IronWind malware through official-looking email attachments related to the Gulf Cooperation Council’s Economic Cooperation Program. The malware, which allows for the loading of additional malware like trojans or keyloggers to steal data, reportedly began operating in July 2023. Proofpoint suggested organizations undertake cybersecurity training, system upgrading, and continuous supervision of suspicious activities.
Godot Engine Exploited to Spread Malware on Windows, macOS, Linux
Cybercriminals are using the Godot game engine to deliver malware, named GodLoader, to devices running on Windows, macOS, and Linux. GodLoader hides within game files,
