Researchers observed thousands of spam emails, sent to targets in North and South America, Europe and Asia, that delivered the WailingCrab malware.
Researchers with IBM X-Force recently observed the new Gootloader variant being used for lateral movement, marking a significant change in the malware’s post-infection tactics.
A new attack group named ShroudedSnooper is targeting telecom providers in Middle Eastern countries with custom tools called HTTPSnoop and PipeSnoop.
The malware loader was recently observed in almost two dozen email campaigns that appeared to target English speakers and involved lures related to shipping orders and billing, invoice and purchase requests or inquiries.
CISA warned of an increase in TrueBot malware attacks that exploit a known remote code execution flaw in the Netwrix Auditor application.