Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...
A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal ...
The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
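Another reason RMM tools are hard to detect is the covert nature of their communication. Most modern RMM software communicates with its control server over end-to-end encrypted HTTPS or a proprietary encrypted protocol. To network monitoring devices, this traffic looks no different from ordinary web browsing or legitimate software update traffic. In addition, RMM software usually connects to globally ...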
Introduction: In December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...