
Daily Cybersecurity Roundup, April 02, 2025

Like a chameleon slipping through the shadows, researchers reported an upgraded Hijack Loader now cloaking itself with call stack spoofing and anti-VM checks to dodge detection and dig deeper into compromised systems. Meanwhile, a familiar threat, Gootloader, has resurfaced, luring unsuspecting users hunting for legal templates via Google Ads. Collaboration turns treacherous elsewhere, as analysts uncovered a new malware campaign exploiting Microsoft Teams’ chat channels, delivering a stealthy Node.js-based backdoor to infiltrate networks. Continue reading for more cybersecurity headlines from the last 24 hours.

01

Cybersecurity researchers have discovered an updated version of Hijack Loader, which now implements call stack spoofing and anti-VM checks to evade detection and establish persistence on compromised systems.

02

The Gootloader malware has re-emerged with a new campaign, targeting individuals searching for legal document templates through Google Ads.

03

A threat actor, JINX-0126, is targeting exposed PostgreSQL instances to deploy cryptocurrency miners, with over 1,500 victims claimed to date. This activity is an evolved variant of a malware strain, PG_MEM.

04

Microsoft discovered a critical code execution vulnerability, tracked as CVE-2025-1268, in certain Canon printer drivers, which could potentially allow arbitrary code execution.

05

A new malware campaign is targeting Microsoft Teams users, exploiting the platform's communication vulnerabilities to deliver a Node.js-based backdoor.

06

Emmenhtal Loader has been observed in a malicious campaign targeting the First Ukrainian International Bank, where it is used in conjunction with SmokeLoader malware to deploy additional malware dynamically.

07

Security researchers discovered a hidden remote access tunnel service pre-installed on the Unitree Go1 robot dog, which activates once the device detects internet connectivity, potentially allowing unauthorized access to the robot and its camera feeds.

08

Acronis analyzed a complex, multi-stage malware delivery chain involving a VBS script, a batch file, and a PowerShell script, which ultimately leads to the deployment of high-profile malware like DCRat or the Rhadamanthys info-stealer.

09

A security researcher has discovered eight zero-day vulnerabilities in the Netgear WNR854T legacy router, which are unpatched due to the device being end-of-life.

10

ReliaQuest raised $500 million in a new funding round led by EQT Partners, KKR, and FTV Capital, along with existing investors, bringing the firm’s valuation to $3.4 billion.
