Skip to main content

Tag: dll sideloading

5 articles

A laptop screen displays a software update, with a subtle shadow of a hand in the background, symbolizing exploitation.

ViPNet Update System Exploited in HelloNet APT Campaign

Kaspersky uncovered a sneaky APT campaign, HelloNet, that exploited the ViPNet Update System to spread malware, starting as far back as May 2026. The attackers cleverly used a malicious library to hijack the ViPNet updater, allowing them to siphon off sensitive info and clean up their tracks.

Analyst 207
Blurred computer screen at a corporate office workstation in bright daylight.

ToddyCat APT Group Exploits Google API for Email Access

Meet ToddyCat, a sneaky APT group that's taken automation to the next level with its new tool, Umbrij - allowing it to secretly tap into corporate email and cloud resources by exploiting Google API. This stealthy move has helped ToddyCat remain undetected by monitoring systems, leaving organizations vulnerable to attack.

Analyst 207
Interior of an electronics manufacturing facility with technicians at workstations.

Iranian Hackers Target Electronics Maker in Global Espionage Push

Iran-linked hackers, known as MuddyWater, infiltrated a major South Korean electronics manufacturer's network for a week in February 2026, as part of a massive global cyber-espionage campaign targeting nine high-profile organizations across multiple sectors and countries.

Analyst 207
Cluttered office desk with laptop and smartphone, screens blurred.

Malicious Site Exploits AI Interest to Deploy Beagle Backdoor

Beware of a fake website masquerading as Anthropic's Claude interface, tricking users into downloading a 505 MB ZIP archive that unleashes a new, previously undocumented Windows backdoor called Beagle. This malicious campaign uses a convincing imitation of the legitimate site to spread the infection.

Analyst 207
Brightly-lit server room with subtle signs of security breach.

China-Linked Hackers Expose Wide-Ranging Espionage Campaign

Meet SHADOW-EARTH-053, a China-aligned espionage group that's been secretly lurking in the shadows since December 2024, using clever tactics like exploiting vulnerabilities and deploying web shells to gain persistent access to sensitive targets. Their sophisticated attacks have been linked to other notorious intrusion sets, revealing a vast and complex espionage campaign.

Analyst 207