A malicious campaign attributed to the group “CL-STA-1020” has been observed targeting government agencies in Southeast Asia, leveraging a previously undocumented Windows backdoor, dubbed HazyBeacon. According to a security researcher from Unit 42, “This backdoor leverages a novel C2 technique in which the backdoor establishes C2 communication via AWS Lambda URLs.” Additionally, the motive behind continue reading : HazyBeacon Backdoor Observed in Attacks Against Southeast Asian Government Agencies

Microsoft has released its June 2025 Patch Tuesday security updates, addressing multiple vulnerabilities across its products, including one that has been detected as exploited in the wild. Tracked as CVE-2025-33053, a vulnerability in WebDAV that could allow an unauthorized attacker to execute code over a network. A security researcher from Check Point Research has uncovered continue reading : Microsoft Releases June 2025 Patch Tuesday Security Updates

SentinelLabs of SentinelOne has observed and defended a malicious campaign targeting public sector organizations and global industries, including their own organization Based on the official blog released, there are 6 activities that have been observed and tracked to the activity of cluster PurpleHaze and ShadowPad. _____________________________ A. Nature of Malicious Campaign ShadowPad Cluster SentinelLabs has continue reading : ShadowPad and PurpleHaze: Cyberespionage Campaigns Targeting Government and Global Industries

A malicious campaign attributed to the APT group known as “Earth Lamia” has exploited weaknesses in web applications to gain access to organizations, using various techniques to steal information. The group has primarily targeted Brazil, India, and countries in Southeast Asia. Initially focused on financial services, Earth Lamia later shifted its attention to logistics and continue reading : Earth Lamia Targets Organizations in Brazil, India, and Southeast Asia