Threat Intelligence Executive Report – Volume 2025, Number 5
This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during July and August
Similar Posts
Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Bys sThreat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. “The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use,” Cisco Talos…
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Bys sCybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free. “Because the ransomware is now considered dead, we released the decryptor for public download,” Gen Digital researcher Ladislav Zezula said. FunkSec, which emerged towards the end of 2024, has claimed 172 victims, according…
Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell
Bys sCybersecurity researchers have discovered what they say is the earliest example known to date of a malware with that bakes in Large Language Model (LLM) capabilities. The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 2025 security conference. In a report examining the malicious use of…
U.K.: Two arrested over cyber attack which stole thousands of nursery children’s data
Bys sThere’s been an arrest in the Kido school cyberattack incident. itvX reports: Two people have been arrested after hackers stole information about thousands of children from a nursery chain. Two men aged 17 and 22 were arrested in Bishop’s Stortford, Hertfordshire, on suspicion of computer misuse and blackmail, the Metropolitan Police said. They remain in……
Children’s Health Ireland faces investigation over data breach of health records at Tallaght Hospital
Bys sAndrew Walsh reports: The Data Protection Commission (DPC) has launched a formal inquiry into Children’s Health Ireland (CHI) following concerns about the security of children’s health records at its Tallaght University Hospital (TUH) facility. The inquiry comes after the DPC received information from multiple sources, including protected disclosures and a breach notification submitted by CHI…….
Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks
Bys sCybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution. The package, named termncolor, realizes its nefarious functionality through a dependency package called colorinal by means of a multi-stage malware operation, Zscaler