Cyber Security

Metasploit Adds New Modules Targeting Linux RC4, BeyondTrust, and Registry Persistence

The latest Metasploit update, released on February 27, 2026, brings significant firepower to security professionals and penetration testers. The release introduces seven new modules, nine feature enhancements, and critical bug fixes. Standout additions include unauthenticated remote code execution (RCE) exploits for Ollama, BeyondTrust, and Grandstream VoIP devices, alongside […]

Trump Bans Anthropic AI in Federal Agencies; Pentagon Flags Claude as Security Risk

The U.S. government has taken unprecedented action against domestic AI firm Anthropic, directing all federal agencies to immediately stop using its AI model Claude and officially designating the company a supply chain risk to national security, a classification historically reserved for foreign adversaries like Huawei. The standoff reached a critical point on February 28, 2026, […]

Vshell Gains Traction Among Threat Actors as an Alternative to Cobalt Strike

A Go-based command-and-control (C2) framework originally marketed within Chinese-speaking offensive security communities has been quietly expanding its reach, drawing growing attention from threat actors seeking flexible and cost-effective alternatives to expensive commercial tools. Known as Vshell, the tool has evolved well beyond its early roots as a basic remote access tool (RAT) and now poses […]

New Dohdoor Malware Attacking Schools and Health Care Sectors in U.S. via Multi-Stage Attack Chain

A newly discovered malware campaign has been quietly targeting educational institutions and healthcare organizations across the United States since at least December 2025. The threat, tracked under the actor designation “UAT-10027,” deploys a previously unknown backdoor called “Dohdoor,” which uses an advanced combination of stealth techniques and multi-stage delivery to gain persistent access into victim […]

Critical Trend Micro Apex One Vulnerabilities Allow Malicious Code Execution

Trend Micro has released fixes for multiple Apex One vulnerabilities, ranging from High to Critical severity, including management console issues that can lead to remote code execution (RCE). The affected CVEs range from CVE-2025-71210 to CVE-2025-71217, with CVSS v3 scores ranging from 7.2 to 9.8. The February 2026 advisory lists Apex One […]

North Korean APT37 Hackers Leverage Novel Malware to Infect Air-Gapped Systems

North Korea-linked threat group APT37 has launched a sophisticated new campaign using a fresh set of custom malware tools specifically designed to reach computers that are not connected to the internet — a type of system long considered among the most secure in the world. The campaign, dubbed Ruby Jumper, marks a sharp escalation in the […]

Phishing-Led Agent Tesla Campaign Uses Process Hollowing and Anti-Analysis to Evade Detection

A newly uncovered phishing campaign is delivering Agent Tesla, one of the most widely used credential-stealing malware families, through a multi-stage attack chain that leaves almost no trace on a victim’s machine. The campaign uses business-themed phishing emails, obfuscated scripts, and in-memory execution to silently harvest sensitive data from Windows users. With its ability to […]

ResidentBat Android Malware Provides Belarusian KGB with Persistent Access to Mobile Devices

A newly documented Android spyware called ResidentBat has been linked to the Belarusian KGB, giving state operators deep and persistent access to the mobile devices of journalists and civil society members. First publicly reported in December 2025 through a joint investigation by Reporters Without Borders (RSF) and RESIDENT.NGO, the malware’s code history suggests it was quietly developed […]

Google Disrupts Chinese Hackers' Infrastructure That Breached 53 Telecom and Government Entities

A suspected Chinese state-linked hacking group has been caught running one of the most far-reaching cyber espionage operations ever uncovered — silently breaching telecom providers and government bodies across four continents for nearly a decade. Google has now stepped in to dismantle that operation entirely, severing the group’s persistent access and releasing threat intelligence to […]