Back in 2024, Kaspersky researchers gave a brief description of a complex cyberespionage campaign that we dubbed “PassiveNeuron”. This campaign involved compromising the servers of government organizations with previously unknown APT implants, named “Neursite” and “NeuralExecutor”.
However, since its discovery, the PassiveNeuron campaign has been shrouded in mystery. For instance, it remained unclear how the implants in question were deployed or what actor was behind them. After the researchers detected this campaign and prevented its spreading back in June 2024, they did not see any further malware deployments linked to PassiveNeuron for quite a long time, about six months. However, since December 2024, Kaspersky researchers have observed a new wave of infections related to PassiveNeuron, with the latest ones dating back to August 2025.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cartier confirms data breach, warns customers of potential targeted attacks
June 2, 2025
Cartier, the famous jewellery and watchmaker, is owned by Richemont, a Swiss-based luxury conglomerate has notified customers of a data breach that exposed limited personal information following a security lapse in its systems. The brand said the breach was swiftly contained and emphasised that no financial or sensitive login data was compromised. In a letter sent ...
- Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
May 31, 2025
A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names. The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked in billions from companies, hospitals, ...
- Eight things we learned from WhatsApp vs. NSO Group spyware lawsuit
May 30, 2025
On May 6, WhatsApp scored a major victory against NSO Group when a jury ordered the infamous spyware maker to pay more than $167 million in damages to the Meta-owned company. The ruling concluded a legal battle spanning more than five years, which started in October 2019 when WhatsApp accused NSO Group of hacking more than ...
- Melbourne-based financial services and advice firm hit with cyber attack
May 30, 2025
Financial services aggregate 3P Corporation has denied its data was breached in an April attack; however, hackers have published more than 200 gigabytes of internal documents and customer data online. The Space Bears ransomware gang listed Victorian financial services firm 3P Corporation as a victim on its darknet leak site in early April, and has since ...
- Exploits and vulnerabilities in Q1 2025
May 30, 2025
The first quarter of 2025, like previous ones, demonstrates a significant number of newly documented vulnerabilities. The trend largely mirrors previous years, so we will focus on new data that can be collected for the most popular platforms. This report examines the characteristics of vulnerabilities in the Linux operating system and Microsoft software, specifically the Windows ...
- Santesoft Releases Security Update for Sante DICOM Viewer Pro
May 30, 2025
The US Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Medical Advisory for a vulnerability in Santesoft Sante DICOM Viewer Pro. Sante DICOM Viewer Pro is an application for viewing, processing, and editing DICOM-format medical images. CVE-2025-5307 has a CVSSv4 score of 8.4 and is an ‘out-of-bounds read’ vulnerability, which means ...