Compromise of CPUID distribution channels delivers trojanized system monitoring tools
Summary
A threat actor compromised CPUID’s distribution infrastructure to deliver trojanized versions of CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor between April 9–10, 2026, deploying the STX RAT alongside a multi-stage installer using DLL side-loading. The compromise lasted approximately 19 hours, affecting at least 150 victims across multiple sectors and geographies, with the attackers reusing infrastructure and tactics from a prior FileZilla campaign. CPUID confirmed the breach was limited to distribution links and has since restored clean versions, though the developer’s unavailability during the incident may have contributed to the prolonged exposure.
Timeline
- 10.04.2026 16:12 (2 articles)
Trojanized system monitoring utilities distributed via compromised CPUID API
Between April 9, 15:00 UTC and April 10, 10:00 UTC, a compromised secondary API at CPUID served malicious downloads for CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor via official links. The campaign deployed the STX RAT using a multi-stage installer that delivered a legitimate signed executable alongside a malicious 'CRYPTBASE.dll' for DLL side-loading. The malicious DLL contacted external servers to execute additional payloads after anti-sandbox checks, leveraging C2 infrastructure reused from a prior FileZilla campaign. CPUID confirmed the breach affected both ZIP archives and standalone installers, with victims identified across retail, manufacturing, consulting, telecommunications, and agriculture sectors, primarily in Brazil, Russia, and China.
Sources:
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
Information Snippets
- Compromised API led to malicious download links for CPU-Z and HWMonitor on CPUID’s official website between April 9 and April 10, 2026, for approximately six hours.
First reported: 10.04.2026 16:12 (2 sources, 2 articles)
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- Malicious payload named HWiNFO_Monitor_Setup.exe delivered via Cloudflare R2 storage, masquerading as a diagnostic tool installer.
First reported: 10.04.2026 16:12 (1 source, 1 article)
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- The installer uses an Inno Setup wrapper with a Russian installer component and operates primarily in-memory with advanced evasion techniques.
First reported: 10.04.2026 16:12 (1 source, 1 article)
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- Forensic analysis indicates the malware proxies NTDLL functionality from a .NET assembly to evade endpoint detection and response (EDR) or antivirus systems.
First reported: 10.04.2026 16:12 (1 source, 1 article)
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- The threat actor previously targeted FileZilla FTP client users in March 2026, suggesting a focus on widely used utilities.
First reported: 10.04.2026 16:12 (1 source, 1 article)
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- VirusTotal detection shows the fake HWiNFO variant flagged by 20 antivirus engines, with classifications including Tedy Trojan, Artemis Trojan, and infostealer malware.
First reported: 10.04.2026 16:12 (1 source, 1 article)
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- CPUID confirmed the signed original binaries were not compromised; the breach was limited to distribution links. The developer was unavailable during the incident.
First reported: 10.04.2026 16:12 (2 sources, 2 articles)
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- CPUID has since restored clean versions of CPU-Z and HWMonitor on the official website.
First reported: 10.04.2026 16:12 (1 source, 1 article)
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor — www.bleepingcomputer.com — 10.04.2026 16:12
- Threat actors deployed STX RAT via trojanized CPU-Z and HWMonitor downloads during the CPUID compromise.
First reported: 12.04.2026 08:54 (1 source, 1 article)
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- Malicious DLL named 'CRYPTBASE.dll' used the DLL side-loading technique to execute additional payloads.
First reported: 12.04.2026 08:54 (1 source, 1 article)
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- Malicious files were distributed as both ZIP archives and standalone installers for CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor.
First reported: 12.04.2026 08:54 (1 source, 1 article)
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- STX RAT includes HVNC and broad infostealer capabilities with remote control and post-exploitation features.
First reported: 12.04.2026 08:54 (1 source, 1 article)
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- C2 server addresses and connection configurations were reused from a prior campaign distributing trojanized FileZilla installers.
First reported: 12.04.2026 08:54 (1 source, 1 article)
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- Kaspersky identified over 150 victims across multiple sectors including retail, manufacturing, consulting, telecommunications, and agriculture.
First reported: 12.04.2026 08:54 (1 source, 1 article)
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- The majority of infections were detected in Brazil, Russia, and China.
First reported: 12.04.2026 08:54 (1 source, 1 article)
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
- Attackers reused the same infection chain and C2 domains from the FileZilla campaign, indicating low operational security.
First reported: 12.04.2026 08:54 (1 source, 1 article)
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads — thehackernews.com — 12.04.2026 08:54
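The CRYPTBASE.dll side-loading layout described in the snippets above (a legitimate signed executable shipped next to a malicious copy of a Windows system DLL) lends itself to a simple telemetry check. The following is an added example, not code from the page's sources or from CPUID: it parses constructed image-load records loosely modelled on Sysmon Event ID 7 fields (the field names, paths and sample values are assumptions) and flags any load of CRYPTBASE.dll from outside the Windows system directories, the only place a genuine copy lives.

```python
"""Flag CRYPTBASE.dll loads from outside the Windows system directories.

Added example, not code from the page's sources or from CPUID. A genuine
CRYPTBASE.dll lives in System32 or SysWOW64; the trojanized CPUID installers
dropped a malicious copy beside a legitimate signed executable so that the
executable loaded it from its own folder (DLL side-loading). The records
below are constructed, loosely modelled on Sysmon Event ID 7 (ImageLoad)
fields; field names, paths and values are assumptions for illustration.
"""
import ntpath
import re

# Directories where a legitimate CRYPTBASE.dll is expected (lower-cased).
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

# Constructed sample telemetry: one record per line, key=value fields.
SAMPLE_LOG = r"""
EventID=7 Image=C:\Windows\explorer.exe ImageLoaded=C:\Windows\System32\cryptbase.dll Signed=true
EventID=7 Image=C:\Users\alice\Downloads\HWiNFO_Monitor_Setup\monitor.exe ImageLoaded=C:\Users\alice\Downloads\HWiNFO_Monitor_Setup\CRYPTBASE.dll Signed=false
EventID=7 Image=C:\Program Files\CPUID\CPU-Z\cpuz.exe ImageLoaded=C:\Windows\SysWOW64\cryptbase.dll Signed=true
EventID=1 Image=C:\Users\alice\Downloads\HWiNFO_Monitor_Setup.exe CommandLine=setup
EventID=7 Image=C:\Users\bob\AppData\Local\Temp\is-ABCDE.tmp\setup.tmp ImageLoaded=C:\Users\bob\AppData\Local\Temp\is-ABCDE.tmp\CRYPTBASE.dll Signed=false
"""

# key=value pairs; values may contain spaces (e.g. "Program Files"), so a
# value runs until the next " key=" token or the end of the line.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")


def parse_record(line):
    """Turn one key=value record into a dict."""
    return dict(FIELD_RE.findall(line.strip()))


def is_suspicious_load(rec):
    """True when an ImageLoad record shows CRYPTBASE.dll loaded from a
    directory other than System32/SysWOW64."""
    if rec.get("EventID") != "7":
        return False
    directory, name = ntpath.split(rec.get("ImageLoaded", ""))
    if name.lower() != "cryptbase.dll":
        return False
    return directory.lower() not in SYSTEM_DIRS


def same_dir_as_host(rec):
    """True when the DLL sits in the loading executable's own directory,
    the layout side-loading produces (signed EXE + DLL in a writable folder)."""
    host_dir = ntpath.dirname(rec.get("Image", "")).lower()
    dll_dir = ntpath.dirname(rec.get("ImageLoaded", "")).lower()
    return host_dir == dll_dir and host_dir not in SYSTEM_DIRS


def find_sideloads(log_text):
    """Return one finding per suspicious CRYPTBASE.dll load in log_text."""
    findings = []
    for line in log_text.strip().splitlines():
        rec = parse_record(line)
        if is_suspicious_load(rec):
            findings.append({
                "host": rec["Image"],
                "dll": rec["ImageLoaded"],
                "same_dir": same_dir_as_host(rec),
                "signed": rec.get("Signed") == "true",
            })
    return findings


if __name__ == "__main__":
    for f in find_sideloads(SAMPLE_LOG):
        print(f"ALERT CRYPTBASE.dll loaded from non-system path {f['dll']} "
              f"by {f['host']} (same directory: {f['same_dir']}, signed: {f['signed']})")
```

Run against the constructed sample, the two user-profile loads are flagged while the System32 and SysWOW64 loads by explorer.exe and cpuz.exe pass; the same check can be pointed at real ImageLoad exports once the field names are mapped.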
Similar Happenings
Targeted social engineering of Axios maintainer enables UNC1069 npm supply chain compromise via WAVESHAPER.V2 implant
A maintainer of the widely used Axios npm package was targeted in a highly tailored social engineering campaign attributed to North Korean threat actor UNC1069, resulting in the compromise of npm account credentials and the publication of two trojanized versions of Axios (1.14.1 and 0.30.4). Google Threat Intelligence Group (GTIG) attributed the attack to UNC1069 based on the use of WAVESHAPER.V2 and infrastructure overlaps with past activities. The malicious packages were available for roughly three hours and injected a plain-crypto-js dependency that installed a cross-platform RAT, enabling credential theft and downstream compromise. The campaign also targeted additional maintainers, including Pelle Wessman (Mocha framework) and Node.js core contributors, revealing a coordinated effort against high-impact maintainers. The intrusion began with reconnaissance-driven impersonation of a legitimate company founder, engagement via a cloned Slack workspace and Microsoft Teams call, and execution of a fake system update that deployed the RAT. Post-incident, the maintainer reset devices, rotated all credentials, adopted immutable releases, introduced OIDC-based publishing flows, and updated GitHub Actions workflows to mitigate future risks.
Supply chain compromise in Trivy scanner triggers CanisterWorm propagation across CI/CD pipelines
The supply chain compromise in the Trivy scanner that triggered CanisterWorm propagation across CI/CD pipelines has since expanded to encompass additional open-source ecosystems and is attributed to multiple advanced threat actors. The TeamPCP threat group continues to monetize stolen supply chain secrets through partnerships with extortion groups including Lapsus$ and the Vect ransomware operation, with Wiz (Google Cloud) confirming collaboration and horizontal movement across cloud environments. Cisco’s internal development environment was breached using stolen Trivy-linked credentials via a malicious GitHub Action, resulting in the theft of over 300 repositories, including proprietary AI product code and data belonging to corporate customers such as banks, BPOs, and US government agencies. Attackers also abused stolen AWS keys across a subset of Cisco’s cloud accounts, with multiple threat actors observed participating in the breach. New developments include the compromise of the Axios NPM package, a top-10 JavaScript library with over 400 million monthly downloads, via malicious versions 0.27.5 and 0.28.0. The attack delivered a multi-platform RAT through a malicious dependency impersonating crypto-js, with operational sophistication including pre-staging, platform-specific payloads, and anti-forensic cleanup. Initial attribution suggested TeamPCP involvement, but Google attributed the incident to UNC1069, a suspected North Korean actor linked to Lazarus Group, indicating potential actor diversification or false-flag operations. The Axios compromise highlights escalating tradecraft in open-source supply chain attacks, distinct from opportunistic infections and suggesting a focus on access brokering or targeted espionage rather than indiscriminate data theft.
Memento Labs linked to Chrome zero-day exploitation in Operation ForumTroll
Operation ForumTroll, discovered in March 2025, targeted Russian organizations and individuals using a zero-day vulnerability in Google Chrome (CVE-2025-2783). The campaign, also tracked as TaxOff/Team 46 by Positive Technologies and Prosperous Werewolf by BI.ZONE, delivered malware linked to the Italian spyware vendor Memento Labs. The attacks used phishing emails with malicious links to infect victims, targeting media outlets, universities, research centers, government organizations, financial institutions, and other organizations in Russia and Belarus. The malware, identified as LeetAgent and Dante, was used to steal data and maintain persistence on compromised systems. Memento Labs, formed after InTheCyber Group acquired Hacking Team, presented its Dante spyware at a conference in 2023. The malware was used in attacks dating back to at least 2022. The attacks involved sophisticated techniques to ensure only targeted victims were compromised. The zero-day vulnerability (CVE-2025-2783) was discovered and reported to Google by researchers at Kaspersky Lab earlier in 2025. The exploit bypassed Chrome's sandbox protections by exploiting a logic vulnerability in Chrome caused by an obscure quirk in the Windows OS. The exploit used pseudo handles to disable sandbox functionality, allowing unauthorized access to privileged processes. The exploit represents a new class of vulnerabilities that could affect other applications and Windows services. The group known as Mem3nt0 mori, also referred to as ForumTroll APT, is linked to Operation ForumTroll. The attacks began in March 2025 with highly personalized phishing emails inviting victims to the Primakov Readings forum. The flaw in Chrome stemmed from a logical oversight in Windows' handling of pseudo handles, allowing attackers to execute code in Chrome's browser process. Google patched the issue in version 134.0.6998.177/.178. Firefox developers found a related issue in their browser, addressed as CVE-2025-2857. 
Kaspersky's researchers concluded that Mem3nt0 mori leveraged Dante-based components in the ForumTroll campaign, marking the first observed use of this commercial spyware in the wild. The discovery underscores ongoing risks from state-aligned and commercial surveillance vendors. Kaspersky urged security researchers to examine other software and Windows services for similar pseudo-handle vulnerabilities. In a new wave of attacks detected in October 2025, the threat actor targeted individuals in Russia, specifically scholars in political science, international relations, and global economics, working at major Russian universities and research institutions. The latest attack wave used emails claiming to be from eLibrary, a Russian scientific electronic library, with messages sent from the address 'support@e-library[.]wiki'. The domain was registered in March 2025, six months before the start of the campaign, indicating preparations for the attack had been underway for some time. The emails contained links to a malicious site to download a plagiarism report, which, when clicked, downloaded a ZIP archive named with the victim's last name, first name, and patronymic. The links were designed for one-time use, displaying a Russian language message stating 'Download failed, please try again later' if accessed more than once. The archive contained a Windows shortcut (LNK) that, when executed, ran a PowerShell script to download and launch a PowerShell-based payload from a remote server. The payload contacted a URL to fetch a final-stage DLL and persist it using COM hijacking, also downloading and displaying a decoy PDF to the victim. The final payload was a command-and-control (C2) and red teaming framework known as Tuoni, enabling remote access to the victim's Windows device. ForumTroll has been targeting organizations and individuals in Russia and Belarus since at least 2022.
MuddyWater Expands Global Campaigns with New Backdoors Targeting US and Israeli Entities
The MuddyWater threat actor, linked to Iran and also known as Static Kitten, Mercury, and Seedworm, has conducted a global phishing campaign targeting over 100 organizations, including government entities, embassies, diplomatic missions, foreign affairs ministries, consulates, international organizations, and telecommunications firms in the Middle East and North Africa (MENA) region. The campaign used compromised email accounts to send phishing emails with malicious Microsoft Word documents containing macros that dropped and launched the Phoenix backdoor, version 4. This backdoor provided remote control over infected systems. The campaign was active starting August 19, 2025, and used a command-and-control (C2) server registered under the domain screenai[.]online. The attackers employed three remote monitoring and management (RMM) tools and a custom browser credential stealer, Chromium_Stealer. The malware and tools were hosted on a temporary Python-based HTTP service linked to NameCheap's servers. The campaign highlights the ongoing use of trusted communication channels by state-backed threat actors to evade defenses and infiltrate high-value targets. The server and server-side command-and-control (C2) component were taken down on August 24, 2025, likely indicating a new stage of the attack. The MuddyWater threat actor has also targeted Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors. The hacking group has delivered a previously undocumented backdoor called MuddyViper. The attacks also singled out one technology company based in Egypt. The attack chains involve spear-phishing and the exploitation of known vulnerabilities in VPN infrastructure to infiltrate networks and deploy legitimate remote management tools. The campaign uses a loader named Fooder that decrypts and executes the C/C++-based MuddyViper backdoor. 
The MuddyViper backdoor enables the attackers to collect system information, execute files and shell commands, transfer files, and exfiltrate Windows login credentials and browser data. Additionally, the MuddyWater threat actor has deployed a new backdoor called UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes. The attack chain involves using spear-phishing tactics to distribute booby-trapped Microsoft Word documents that trigger the execution of a malicious payload once macros are enabled. The phishing messages impersonate the Turkish Republic of Northern Cyprus Ministry of Foreign Affairs and purport to invite recipients to an online seminar titled "Presidential Elections and Results." The VBA script in the dropper file is equipped to conceal any sign of malicious activity by displaying a Hebrew-language decoy image from Israeli telecommunications provider Bezeq about supposed disconnection periods in the first week of November 2025 across various cities in the country. UDPGangster establishes persistence through Windows Registry modifications and boasts of various anti-analysis checks to resist efforts made by security researchers to take it apart. UDPGangster connects to an external server ("157.20.182[.]75") over UDP port 1269 to exfiltrate collected data, run commands using "cmd.exe," transmit files, update C2 server, and drop and execute additional payloads. The MuddyWater threat actor has launched a new campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. The campaign uses icon spoofing and malicious Word documents to deliver Rust-based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular post-compromise capability expansion. 
The RustyWater implant gathers victim machine information, detects installed security software, sets up persistence by means of a Windows Registry key, and establishes contact with a command-and-control (C2) server (nomercys.it[.]com) to facilitate file operations and command execution. The RustyWater implant is also referred to as Archer RAT and RUSTRIC. The use of RUSTRIC was previously flagged by Seqrite Labs as part of attacks targeting IT, MSPs, human resources, and software development companies in Israel. Historically, MuddyWater has relied on PowerShell and VBS loaders for initial access and post-compromise operations, but the introduction of Rust-based implants represents a notable tooling evolution toward more structured, modular, and low-noise RAT capabilities. The MuddyWater threat actor has launched a new campaign codenamed Operation Olalampo targeting organizations and individuals in the Middle East and North Africa (MENA) region. The campaign involves the deployment of new malware families including GhostFetch, HTTP_VIP, CHAR, and GhostBackDoor. GhostFetch is a first-stage downloader that profiles the system, validates mouse movements, checks screen resolution, and fetches and executes secondary payloads directly in memory. GhostBackDoor is a second-stage backdoor delivered by GhostFetch that supports an interactive shell, file read/write, and re-running GhostFetch. HTTP_VIP is a native downloader that conducts system reconnaissance and deploys AnyDesk from the C2 server. CHAR is a Rust backdoor controlled by a Telegram bot (username "stager_51_bot") that executes cmd.exe or PowerShell commands. The PowerShell command executed by CHAR is designed to execute a SOCKS5 reverse proxy or another backdoor named Kalim, upload data stolen from web browsers, and run unknown executables referred to as "sh.exe" and "gshdoc_release_X64_GUI.exe."
The MuddyWater threat actor has been observed exploiting recently disclosed vulnerabilities on public-facing servers to obtain initial access to target networks. The MuddyWater APT group remains an active threat within the MENA region, with this operation primarily targeting organizations there. The MuddyWater threat actor has targeted US companies in a new campaign that started in early February 2026. The campaign involves a previously unknown backdoor dubbed 'Dindoor' by cyber threat researchers. The Dindoor backdoor leverages Deno, the secure runtime for JavaScript and TypeScript, to execute. The backdoor was signed with a certificate issued to 'Amy Cherne'. An attempt to exfiltrate data from a software company using Rclone to a Wasabi cloud storage bucket was observed. A different, Python backdoor called Fakeset was found on the networks of a US airport. The Fakeset backdoor was signed by certificates issued to 'Amy Cherne' and 'Donald Gay'. The Donald Gay certificate has been used previously to sign malware linked to MuddyWater. The Donald Gay certificate was also used to sign a sample from the malware family tracked as 'Stagecomp', which downloads the Darkcomp backdoor. The Stagecomp and Darkcomp malware have been linked to MuddyWater by security vendors including Google, Microsoft, and Kaspersky.
Lazarus Group Expands Operations with AI-Generated Video, Malware, and Malicious Packages in Cryptocurrency and Defense Sectors
The North Korean Lazarus Group (UNC1069, also tracked as WaterPlum) continues to expand its operations with new malware and refined tactics targeting the cryptocurrency and defense sectors. Recent activity includes the deployment of StoatWaffle, a modular malware delivered via malicious Visual Studio Code (VS Code) projects, which abuses auto-run tasks to maintain persistence and execute next-stage payloads. The malware includes stealer and RAT modules, targeting sensitive data such as browser credentials and iCloud Keychain on macOS. The threat actor has also disseminated additional malware families—including PylangGhost, PolinRider, and FlexibleFerret (WeaselStore)—through npm packages, GitHub repositories, and staged recruitment processes. Targets include founders, CTOs, and senior engineers in cryptocurrency and Web3 sectors, often approached via LinkedIn or fake job interviews. Microsoft has introduced mitigations in VS Code (v1.109/1.110) to block auto-run tasks, addressing abuse of the 'tasks.json' file. The campaign overlaps with previously documented activity by UNC1069 and GhostCall, highlighting the group's persistent focus on the open-source ecosystem and cross-platform attacks.