A sophisticated malware campaign leveraging the KongTuke threat cluster has emerged, targeting Windows users through a novel FileFix technique that deploys an advanced PHP-based variant of the Interlock remote access trojan (RAT).
This represents a significant evolution from JavaScript-based implementations, demonstrating increased operational sophistication and resilience.
Since May 2025, cybersecurity researchers have observed widespread activity related to the Interlock RAT in connection with...
GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia
Kaspersky Securelist
14 minutes ago
Table of Contents GhostContainer: the backdoor Stub: C2 parser and dispatcher App_Web_843e75cf5b63: virtual page injector App_Web_8c9b251fb5b3: web proxy StrUtils: string and XML format processing cla...
