Verticals Targeted: Not specified
Regions Targeted: None
Related Families: Petya, NotPetya, NotPetyaAgain, RedPetyaOpenSSL
HybridPetya
Sep 22, 2025 2:40:03 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Malware Analysis, Petya, NotPetya, HybridPetya, UEFI bootkit, CVE-2024-7344, Secure Boot bypass, Master File Table
New MacOS.ZuRu Variant Discovered
Jul 22, 2025 3:05:50 PM / by The Hivemind posted in Threat Bulletin, Evolving Threat, Malware Analysis, Cybersecurity Threat, MacOS malware, ZuRu malware, Termius trojan, macOS security, backdoor threat, SSH client attack, Khepri C2, developer security
Verticals Targeted: IT, software development
Regions Targeted: None specified
Related Families: None
Executive Summary
A new variant of the macOS.ZuRu malware, first identified in 2021, has been discovered. It leverages a trojanized Termius application to deploy a modified Khepri C2 beacon and targets developers and IT professionals. This sophisticated backdoor employs advanced techniques to evade detection and establish persistent remote access.
Wicked Panda Targets Government Entities, Uses Google Calendar for C2
Jun 6, 2025 2:50:40 PM / by The Hivemind posted in Threat Bulletin, APT41, Wicked Panda, TOUGHPROGRESS malware, Google Calendar C2, Spear Phishing, Government Cyberattack, Chinese Cyber Espionage, Cloud Service Abuse, Malware Analysis, Data Exfiltration
Verticals Targeted: Government
Regions Targeted: Not specified
Related Families: VOLDEMORT, DUSTTRAP