Palo Alto Networks

Iranian Cyber Actors Impersonate Model Agency in Suspected Espionage Operation

A newly uncovered cyberespionage campaign, attributed with high confidence to Iranian threat actors and with lower confidence to APT35 (Charming Kitten), involves a fake website impersonating the German Mega Model Agency.

Lampion Is Back With ClickFix Lures

A newly uncovered campaign by the Lampion banking malware group has targeted Portuguese organizations in the government, finance, and transportation sectors. Lampion is an info stealer known for stealing sensitive banking credentials.

Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis

A phishing campaign employed a multi-layered attack chain to deliver Agent Tesla, Remcos RAT, and XLoader malware. The attackers used deceptive emails with legitimate-looking attachments to bypass detection and complicate analysis.

Mass-Scale Crypto Scam Exploits Fake Investments and Pyramid Schemes

A large-scale crypto investment scam targeted victims via fraudulent websites and mobile apps, impersonating trusted brands and promising unrealistic returns. The scheme operates like a pyramid scam, primarily targeting users in East Africa and Asia.

Multiple Vulnerabilities Discovered in ICONICS Suite SCADA System

Unit 42 assessed the ICONICS Suite SCADA system and identified five vulnerabilities in versions 10.97.2 and earlier for Windows. The ICONICS security team issued multiple patches in 2024 to resolve these issues.

North Korea-Linked Threat Actor Uses RustDoor and Koi Stealer for macOS to Target the Cryptocurrency Sector

In this campaign, Unit 42 researchers discovered a Rust-based macOS malware nicknamed RustDoor masquerading as a legitimate software update, as well as a previously undocumented macOS variant of a malware family known as Koi Stealer.

Stately Taurus Activity in Southeast Asia Links to Bookworm Malware

While analyzing infrastructure related to Stately Taurus activity targeting organizations in countries affiliated with ASEAN, Unit 42 researchers observed overlaps with infrastructure used by a variant of the Bookworm malware.

Multiple Vulnerabilities Discovered in NVIDIA CUDA Toolkit

These vulnerabilities have been assigned Common Vulnerability Scoring System (CVSS) scores ranging from 2.8 to 3.3, representing a Low level of impact. Successful exploitation could lead to limited denial of service and information disclosure.

CL-STA-0048 Espionage Operation Takes Aim at High-Value Targets in South Asia

The campaign primarily aimed to obtain the personal information of government employees and steal sensitive data from targeted organizations. These objectives bear the hallmarks of a nation-state advanced persistent threat (APT) espionage operation.

Novel Multi-Turn Technique "Bad Likert Judge" Jailbreaks LLMs by Misusing Their Evaluation Capability

The technique asks the target LLM to act as a judge scoring the harmfulness of a given response using the Likert scale, a rating scale measuring a respondent’s agreement or disagreement with a statement.
