
Daily Cybersecurity Roundup, September 11, 2025

Cyber adversaries are upping their game with a new wave of stealthy and persistent malware designed for espionage and long-term access. A Chinese APT group has been observed deploying EggStreme, a fileless malware framework, in a long-term espionage operation against a Philippine military company. Alongside this, researchers have identified Buterat, a newly emerged backdoor targeting enterprise and government networks. Adding to the surge in advanced threats, ChillyHell, a modular macOS backdoor, has been found leveraging Launch Agents for persistence. Read further for more cybersecurity news.

01

A Chinese APT group deployed EggStreme, a fileless malware framework, against a Philippine military company in a long-term espionage operation, delivering EggStremeLoader for persistence and payload execution.

02

A new backdoor malware called Buterat is targeting enterprise and government networks, spreading through phishing emails and trojanized downloads.

03

Newly registered domains have been discovered that are tied to the ongoing operations of the e-crime group PoisonSeed, known for phishing and credential theft campaigns.

04

A modular macOS backdoor called ChillyHell has been discovered. It uses Launch Agents for persistence, evasion techniques to bypass detection, and modules for reconnaissance, data theft, and RCE.

05

NVIDIA disclosed three high-severity vulnerabilities (CVE-2025-23342, CVE-2025-23343, CVE-2025-23344) in its NVDebug tool that could allow attackers to gain elevated system access, execute code, or tamper with data.

06

An improper access control vulnerability (CVE-2024-40766) in SonicWall devices allows unauthenticated remote attackers to bypass authentication, gain unauthorized access, and potentially crash the device.

07

CISA warned about multiple critical ICS flaws in Rockwell and ABB products that attackers could exploit to disrupt operational technology networks.

08

A vulnerability has been identified in the Cursor AI code editor, where a malicious file can silently execute code when a folder is opened, enabling attackers to steal secrets, alter files, or exfiltrate data.

09

Cybersecurity startup Koi raised $48 million in Seed and Series A funding led by Battery Ventures, Team8, Picture Capital, and NFX, with participation from Cerca Partners.

10

Accenture has acquired identity and access management firm IAMConcepts; the deal amount was not disclosed.
