The Qakbot emails show the long tail of exploitation efforts against the Microsoft ProxyLogon flaw.
Kaspersky researchers have found a new UEFI rootkit called CosmicStrand that infects the firmware of some specific motherboards.
The threat actor has been observed targeting companies with operations supporting foreign exchanges and cryptocurrency, and organizations in the Decentralized Finance (DeFi) industry.
A new piece of malware called ZuoRAT, based on the Mirai code, is hitting SOHO routers and performing DNS and HTTP hijacking.
A new "highly-evasive" Linux malware leverages the Berkeley Packet Filter (BPF) hooking functionality to hide malicious network traffic.