Cybersecurity researchers have disclosed details of a new malware calledMDifyLoaderthat has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure (ICS) appliances.
According to a report published by JPCERT/CC today, the threat actors behind the exploitation ofCVE-2025-0282andCVE-2025-22457in intrusions observed between December 2024 and July 2025 have weaponized the vulnerabilities to drop MDifyLoader, which is then used to launch Cobalt Strike in mem...
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
CSO Online
54 minutes ago
Russian cyberespionage group APT28 has developed malware that generates commands by querying large language models (LLMs). The malware, dubbed LAMEHUG by the Ukrainian CERT, was used in recent spear p...
