The first backdoor, WolfsBane, is a Linux version of Gelsevirine, a Windows backdoor used by Gelsemium. WolfsBane is a Linux equivalent of Gelsemium’s Gelsevirine backdoor and the WolfsBane dropper is analogous to the Gelsemine dropper.

ESET's analysis of RedLine Stealer revealed how the malware has evolved into a Malware-as-a-Service (MaaS) operation. The RedLine panel allows affiliates to manage cybertheft campaigns targeting credentials and financial data with ease.

A toolset called CloudScout developed by the APT group Evasive Panda is targeting Taiwanese institutions to extract cloud-based data. The attacks, discovered by ESET, exploit session cookies stolen by MgBot plugins to access cloud services.

ESET researchers revealed that the Telekopye scam toolkit, previously known for targeting online marketplace users, has now turned its focus towards exploiting tourists via accommodation booking platforms like Booking.com and Airbnb.

The GoldenJackal threat actor has been targeting embassies and government organizations with a focus on infiltrating air-gapped systems. The group has been active since at least 2019.

CosmicBeetle has unleashed a new ransomware called ScRansom, targeting SMBs in Europe, Asia, Africa, and South America, possibly working with RansomHub. The threat actor swapped its Scarab ransomware for ScRansom, showing ongoing enhancements.

This malware allows attackers to emulate victims' cards, enabling them to make unauthorized payments or withdraw cash from ATMs. The campaign has been active since November 2023.

Attackers disguise malicious tools as legitimate GenAI apps through phishing sites, web browser extensions, fake apps on mobile stores, and malicious ads on social media.

Cybercriminals targeted Polish businesses with Agent Tesla and Formbook malware through widespread phishing campaigns in May 2024. Small and medium-sized businesses (SMBs) in Poland, Italy, and Romania have been affected.

Threat actors are targeting Hamster Kombat's 250 million players with fake Android and Windows software that install spyware and malware. The clicker mobile game allows players to earn fictional currency by completing simple tasks.