Gremlin Stealer: New Stealer on Sale in Underground Forum

Unit 42 researchers have identified new information-stealing malware written in C#, called Gremlin Stealer. This stealer’s authors have actively advertised it on a Telegram group since mid-March 2025. This information-stealing malware exfiltrates data from its victims and uploads this information Read More …

Outlaw cybergang attacking targets worldwide

In a recent incident response case in Brazil, we dealt with a relatively simple, yet very effective threat focused on Linux environments. Outlaw (also known as “Dota”) is a Perl-based crypto mining botnet that typically takes advantage of weak or Read More …

Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors

Trend Research uncovered a sophisticated APT campaign targeting government and telecommunications sectors in Southeast Asia. Named Earth Kurma, the attackers use advanced custom malware, rootkits, and cloud storage services for data exfiltration. Earth Kurma demonstrates adaptive malware toolsets, strategic infrastructure Read More …

FBI Seeking Tips about PRC-Targeting of US Telecommunications

FBI is issuing this announcement to ask the public to report information about PRC-affiliated activity publicly tracked as “Salt Typhoon” and the compromise of multiple US telecommunications companies, especially information about specific individuals behind the campaign. Investigation into these actors Read More …

Commvault Releases Security Updates for Command Center

Commvault has released a security advisory to address a critical vulnerability in its Command Center Platform. Command Center is Commvault’s all-in-one solution for managing Commvault services within a corporate environment. CVE-2025-34028 is a path traversal vulnerability with a CVSSv3 base Read More …

Health insurance firm Blue Shield data breach exposed data of over 4.7 million members

Health insurance firm Blue Shield has revealed a data breach has exposed protected health data of over 4.7 million members. The information was leaked to Google’s analytics and advertisement platforms following a misconfiguration of Google analytics on Blue Shield sites. Read More …