⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week—and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.
But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear shift: cybercrime is evolving fast, and the lines between technical stealth and strategic coordination are blurring.
It’s worth your time. Every story here is about real risks that your team needs to know about right now. Read the whole recap.
**⚡ Threat of the Week**
Curly COMrades Abuses Hyper-V to Hide Malware in Linux VMs — Curly COMrades, a threat actor supporting Russia’s geopolitical interests, has been observed abusing Microsoft’s Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine and deploy malicious payloads. This method allows the malware to run completely outside the host operating system’s visibility, effectively bypassing endpoint security tools. The campaign, observed in July 2025, involved the deployment of CurlyShell and CurlyCat. The victims were not publicly identified. The threat actors are said to have configured the virtual machine to use the Default Switch network adaptor in Hyper-V to ensure that the VM’s traffic travels through the host’s network stack using Hyper-V’s internal Network Address Translation (NAT) service, causing all malicious outbound communication to appear to originate from the legitimate host machine’s IP address. Further investigation has revealed that the attackers first used the Windows Deployment Image Servicing and Management (DISM) command-line tool to enable the Hyper-V hypervisor, while disabling its graphical management interface, Hyper-V Manager. The group then downloaded a RAR archive masquerading as an MP4 video file and extracted its contents. The archive contained two VHDX and VMCX files corresponding to a pre-built Alpine Linux VM. Lastly, the threat actors used the Import-VM and Start-VM PowerShell cmdlets to import the virtual machine into Hyper-V and launch it with the name WSL, a deception tactic meant to give the impression that the Windows Subsystem for Linux was employed. “The sophistication demonstrated by Curly COMrades confirms a key trend: as EDR/XDR solutions become commodity tools, threat actors are getting better at bypassing them through tooling or techniques like VM isolation,” Bitdefender said. 
The findings paint a picture of a threat actor that uses sophisticated methods to maintain long-term access in target networks, while leaving a minimal forensic footprint.
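The chain described above (DISM enabling Hyper-V while removing Hyper-V Manager, a RAR archive carrying an .mp4 extension, then Import-VM and Start-VM with a VM named WSL) can be hunted for in process-creation and PowerShell logs. The following is an added example, not code from Bitdefender or the original article; the hosts, timestamps, paths and command lines are constructed, and the stage names, 24-hour window and three-stage threshold are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

RAR_MAGIC = b"Rar!\x1a\x07"  # prefix shared by RAR 4.x and 5.x signatures

def classify(cmdline):
    """Return the chain stages that one command line or script block matches."""
    c = cmdline.lower()
    stages = set()
    if "dism" in c and "enable-feature" in c and "microsoft-hyper-v" in c:
        stages.add("enable_hyperv")
    if "dism" in c and "disable-feature" in c and "microsoft-hyper-v-management-clients" in c:
        stages.add("hide_hyperv_manager")
    if re.search(r"\bimport-vm\b", c):
        stages.add("import_vm")
    # VM started under the name "WSL", the masquerade the article describes
    if re.search(r"\bstart-vm\s+(?:-name\s+)?['\"]?wsl['\"]?(?:\s|$)", c):
        stages.add("start_vm_named_wsl")
    return stages

def correlate(events, window=timedelta(hours=24), min_stages=3):
    """Flag hosts where at least min_stages distinct stages fall inside one window."""
    hits = defaultdict(list)
    for host, ts, cmdline in events:
        for stage in classify(cmdline):
            hits[host].append((datetime.fromisoformat(ts), stage))
    flagged = {}
    for host, seen in hits.items():
        seen.sort()
        for start, _ in seen:
            inside = {s for t, s in seen if start <= t <= start + window}
            if len(inside) >= min_stages:
                flagged[host] = sorted(inside)
                break
    return flagged

def is_disguised_rar(filename, header):
    """True when a file named *.mp4 actually starts with the RAR signature."""
    return filename.lower().endswith(".mp4") and header.startswith(RAR_MAGIC)

# Constructed sample telemetry: (host, ISO timestamp, command line).
EVENTS = [
    ("WS-014", "2025-07-10T09:00:05",
     r"dism /online /disable-feature /featurename:Microsoft-Hyper-V-Management-Clients /norestart"),
    ("WS-014", "2025-07-10T09:00:41",
     r"dism /online /enable-feature /featurename:Microsoft-Hyper-V /all /norestart"),
    ("WS-014", "2025-07-10T09:12:10",
     r'powershell.exe -c "Import-VM -Path C:\ProgramData\vm\1.vmcx -Copy -GenerateNewId"'),
    ("WS-014", "2025-07-10T09:12:30", r'powershell.exe -c "Start-VM -Name WSL"'),
    # A developer enabling Hyper-V for ordinary work: one stage only, not flagged.
    ("DEV-002", "2025-07-11T14:00:00",
     r"dism /online /enable-feature /featurename:Microsoft-Hyper-V /all"),
    ("DEV-002", "2025-07-11T15:30:00", r'powershell.exe -c "Start-VM -Name build-agent"'),
]

if __name__ == "__main__":
    for host, stages in correlate(EVENTS).items():
        print(f"{host}: possible hidden Hyper-V VM chain -> {', '.join(stages)}")
```

Requiring several stages on one host keeps ordinary Hyper-V use from alerting; the archive check needs only the first bytes of a downloaded file.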
**🔔 Top News**
- ‘Whisper Leak’ That Identifies AI Chat Topics in Encrypted Traffic — Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections. “Cyber attackers in a position to observe the encrypted traffic (for example, a nation-state actor at the internet service provider layer, someone on the local network, or someone connected to the same Wi-Fi router) could use this cyber attack to infer if the user’s prompt is on a specific topic,” the company said. The attack has been codenamed Whisper Leak. In a proof-of-concept (PoC) test, researchers found that it’s possible to glean conversation topics from Alibaba, DeepSeek, Mistral, Microsoft, OpenAI, and xAI models with a success rate of over 98%. In response, OpenAI, Mistral, Microsoft, and xAI have deployed mitigations to counter the risk.
- Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware — A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a “commercial-grade” Android spyware dubbed LANDFALL in precision attacks in Iraq, Iran, Turkey, and Morocco. The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the “libimagecodec.quram.so” component that could allow remote attackers to execute arbitrary code, according to Palo Alto Networks Unit 42. The issue was addressed by Samsung in April 2025. LANDFALL, once installed and executed, acts as a comprehensive spy tool, capable of harvesting sensitive data, including microphone recording, location, photos, contacts, SMS, files, and call logs. While Unit 42 said the exploit chain may have involved the use of a zero-click approach to trigger the exploitation of CVE-2025-21042 without requiring any user interaction, there are currently no indications that it has happened or that there exists an unknown security issue in WhatsApp to support this hypothesis. The Android spyware is specifically designed to target Samsung’s Galaxy S22, S23, and S24 series devices, along with Z Fold 4 and Z Flip 4. There are no conclusive clues yet on who is involved, nor is it clear how many people were targeted or exploited.
- Hidden Logic Bombs in Malicious NuGet Packages Go Off Years After Deployment — A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database operations and corrupt industrial control systems. The packages were published in 2023 and 2024 by a user named “shanhai666” and are designed to run malicious code after specific trigger dates in August 2027 and November 2028, with the exception of one library, which claims to extend the functionality of another legitimate NuGet package called Sharp7. Sharp7Extend, as it’s called, is set to activate its malicious logic immediately following installation and continues until June 6, 2028, when the termination mechanism stops by itself.
- Flaws in Microsoft Teams Expose Users to Impersonation Risks — A set of four now-patched security vulnerabilities in Microsoft Teams could have exposed users to serious impersonation and social engineering attacks. The vulnerabilities “allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications,” according to Check Point. These shortcomings make it possible to alter message content without leaving the “Edited” label and sender identity and modify incoming notifications to change the apparent sender of the message, thereby allowing an attacker to trick victims into opening malicious messages by making them appear as if they are coming from a trusted source, including high-profile C-suite executives. The flaws also granted the ability to change the display names in private chat conversations by modifying the conversation topic, as well as arbitrarily modify display names used in call notifications and during the call, permitting an attacker to forge caller identities in the process. The issues have since been addressed by Microsoft.
- Three High-Profile Groups Come Together — Scattered LAPSUS$ Hunters (SLH), a merger formed between Scattered Spider, LAPSUS$, and ShinyHunters, has cycled through no less than 16 Telegram channels since August 8, 2025. The group, which has advertised an extortion-as-a-service offering and is also testing “Sh1nySp1d3r” ransomware, has now been identified not just as a fluid collaboration but as a coordinated alliance blending the operational tactics of the three high-profile criminal clusters under a shared banner for extortion, recruitment, and audience control. The new group is deliberately bringing together the reputational capital associated with the brands to create a potent, unified threat identity. The effort is being seen as the first cohesive alliance inside The Com, a traditionally loose-knit network, leveraging the merger as a force multiplier for financially motivated attacks.
**🔥 Trending CVEs**
Hackers move fast. They often exploit new vulnerabilities within hours, turning a single missed patch into a major breach. One unpatched CVE can be all it takes for a full compromise. Below are this week’s most critical vulnerabilities gaining attention across the industry. Review them, prioritize your fixes, and close the gap before attackers take advantage.
This week’s list includes — CVE-2025-20354, CVE-2025-20358 (Cisco Unified CCX), CVE-2025-20343 (Cisco Identity Services Engine), CVE-2025-62626 (AMD), CVE-2025-5397 (Noo JobMonster theme), CVE-2025-48593, CVE-2025-48581 (Android), CVE-2025-11749 (AI Engine plugin), CVE-2025-12501 (GameMaker IDE), CVE-2025-23358 (NVIDIA App for Windows), CVE-2025-64458, CVE-2025-64459 (Django), CVE-2025-12058 (Keras AI), CVE-2025-12779 (Amazon WorkSpaces client for Linux), CVE-2025-12735 (JavaScript expr-eval), CVE-2025-62847, CVE-2025-62848, CVE-2025-62849 (QNAP QTS and QuTS hero), CVE-2024-12886, CVE-2025-51471, CVE-2025-48889 (Ollama), CVE-2025-34299 (Monsta FTP), CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 (RunC), CVE-2025-55315 (ASP.NET Core Kestrel server), CVE-2025-64439 (langgraph-checkpoint), CVE-2025-37735 (Elastic Defend on Windows), and seven vulnerabilities in django-allauth.
**📰 Around the Cyber World**
- RDP Accounts Breached to Drop Cephalus Ransomware — A new Go-based ransomware called Cephalus has been breaching organizations by stealing credentials through Remote Desktop Protocol (RDP) accounts that do not have multi-factor authentication (MFA) enabled since mid-June 2025. It’s currently not known if it operates under a ransomware-as-a-service (RaaS) model. “Upon execution, it disables Windows Defender’s real-time protection, deletes VSS backups, and stops key services such as Veeam and MSSQL to increase its encryption success rate and decrease the chances of recovery,” AhnLab said. “Cephalus uses a single AES-CTR key for encryption, and this key is managed to minimize exposure on the disk and in memory. Finally, the AES key is encrypted using an embedded RSA public key, ensuring that only threat actors with the corresponding RSA private key can decrypt the key. It disrupts dynamic analysis by generating a fake AES key.”
- WhatsApp to Roll Out Enhanced Protections for High-Risk Accounts — Users under a higher risk of being targeted by hacking attempts will soon have the option to enable an extra set of security features on WhatsApp, according to a beta version of the app analyzed by WABetaInfo. Similar to Apple’s Lockdown Mode, the feature blocks media and attachments from unknown senders, adds calling and messaging restrictions, and enables other settings, including silencing unknown callers, restricting automatic group invites to known contacts, disabling link previews, notifying users about encryption code changes, activating two-step verification, and limiting the visibility of personal information for unknown contacts.
- Aurologic Provides Hosting for Sanctioned Entities — German hosting provider aurologic GmbH has emerged as a “central nexus within the global malicious infrastructure ecosystem” providing upstream transit and data center services to a large concentration of high-risk hosting networks, including the Doppelgänger disinformation network and the recently sanctioned Aeza Group, along with Metaspinner net GmbH (AsyncRAT, njRAT, Quasar RAT), Femo IT Solutions Limited (CastleLoader and other malware), Global-Data System IT Corporation (Cobalt Strike, Sliver, Quasar RAT, Remcos RAT, and other malware), and Railnet. The company was established in October 2023. “Despite its core focus on legitimate network and data center operations, Aurologic has emerged as a hub for some of the most abusive and high-risk networks operating within the global hosting ecosystem,” Recorded Future said.
- Australia Sanctions North Korean Threat Actors — The Australian Government has imposed financial sanctions and travel bans on four entities and one individual – Park Jin Hyok, Kimsuky, Lazarus Group, Andariel, and Chosun Expo – for engaging in cybercrime to support and fund North Korea’s unlawful weapons of mass destruction and ballistic missile programs. “The scale of North Korea’s involvement in malicious cyber-enabled activities, including cryptocurrency theft, fraudulent IT work and espionage, is deeply concerning,” the Foreign Affairs ministry said.
- U.K. Takes Action on Spoofed Mobile Numbers — U.K. mobile carriers will upgrade their networks to “eliminate the ability for foreign call centres to spoof U.K. numbers.” The companies will mark when calls come from abroad to prevent scammers from impersonating U.K. phone numbers. The companies will also roll out “advanced call tracing technology” to allow law enforcement the tools to track down scammers operating across the country and dismantle their operations. “It will make it harder than ever for criminals to trick people through scam calls, using cutting-edge technology to expose fraudsters and bring them to justice,” the U.K. government said.
- Security Flaw in Advanced Installer — A vulnerability has been disclosed in Advanced Installer (version 22.7), a framework for building Windows installers. The bug can enable threat actors to hijack app update mechanisms and run malicious external code if update packages are not digitally signed. By default, and in common practice, they are not digitally signed, Cyderes said. According to its website, Advanced Installer is used by developers and system administrators in more than 60 countries “to package or repackage everything from small shareware products, internal applications, and device drivers, to massive mission-critical systems.” The flaw poses a major supply chain risk due to the popularity of Advanced Installer: it opens the door to Bring Your Own Updates (BYOU), in which attackers hijack trusted updaters to execute arbitrary code while bypassing security controls. “These attacks are especially dangerous because they exploit trust and scale: a single poisoned update from a widely used tool (for example, an installer or build tool like Advanced Installer) can silently distribute signed, trusted malware to countless global companies, causing broad data theft, operational outages, regulatory penalties, and severe reputational damage across many sectors,” security researcher Reegun Jayapaul said.
- Jailbreak Detection in Authenticator App — Microsoft said it will introduce Jailbreak/Root detection for Microsoft Entra credentials in the Authenticator app starting February 2026. “This update strengthens security by preventing Microsoft Entra credentials from functioning on jail-broken or rooted devices. All existing credentials on such devices will be wiped to protect your organization,” it said. The change applies to both Android and iOS devices.
- Bad Actors Exploit Flaws in RMM Software — Threat actors have been found exploiting known security vulnerabilities in the SimpleHelp Remote Monitoring and Management (RMM) platform (CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728) to gain downstream access into customer environments and deploy Medusa and DragonForce ransomware. “By compromising third-party RMM servers running as SYSTEM, attackers achieved full control over victim networks, deploying discovery tools, disabling defences, exfiltrating data via RClone and Restic, and finally encrypting systems,” Zensec said.
- Cambodia Raids Scam Compounds in Bavet town — The Cambodian government raided two cyber scam compounds in the city of Bavet on November 4, 2025, taking more than 650 suspects, mostly foreign nationals, into custody. One scam compound specialized in impersonating government authorities to threaten victims, while the second site ran fake high-profit investment schemes, forged banking platforms, romance scams, fake marathon registrations, and the use of AI deepfake videos and images to forge identities.
- Samourai Wallet Co-Founder Sentenced to 5 Years in Prison — Keonne Rodriguez, the co-founder and CEO of cryptocurrency mixing service Samourai Wallet, was sentenced to five years in prison. Authorities shut down the Samourai Wallet website in April 2024. The service was used to launder more than $237 million in cryptocurrency linked to hacks, online fraud, and drug trafficking. Samourai Wallet CTO William Lonergan Hill is expected to be sentenced later this month. Both individuals pleaded guilty to money laundering charges back in August.
- Russian Man Pleads Guilty for Yanluowang Attacks — A 25-year-old Russian national, Aleksei Olegovich Volkov, has pleaded guilty to hacking U.S. companies and selling access to ransomware groups. Volkov went online under the hacker name of chubaka.kor, and worked as an initial access broker (IAB) for the Yanluowang ransomware by exploiting security flaws between July 2021 and November 2022. As many as seven U.S. businesses were attacked during that period, out of which an engineering firm and a bank paid a combined $1.5 million in ransoms. Volkov was arrested on January 18, 2024, in Rome and was later extradited to the U.S. to face charges.
- Malicious AI Bots Impersonate Legitimate Agents — Threat actors have been found to develop and deploy bots that impersonate legitimate AI agents from providers like Google, OpenAI, Grok, and Anthropic. “Malicious actors can exploit updated bot policies by spoofing AI agent identities to bypass detection systems, potentially executing large-scale account takeover (ATO) and financial fraud attacks,” Radware said. “Attackers need only spoof ChatGPT’s user agent and use residential proxies or IP spoofing techniques to be classified as a “good AI bot” with POST permissions.”
- Fake Installers Mimic Productivity Tools in Ongoing Campaigns — Information stealer campaigns are leveraging malicious installers impersonating legitimate productivity tools with backdoor capability, which are likely created using EvilAI to distribute malware known as TamperedChef/BaoLoader. “The backdoor is also capable of extracting DPAPI secrets and provides full command-and-control functionality, including arbitrary command execution, file upload and download, and data exfiltration,” CyberProof said. “In most observed cases, the malware proceeds with the deployment of second-stage binaries and establishes additional persistence mechanisms, such as ASEP registry run keys and .LNK startup files.”
**🎥 Cybersecurity Webinars**
- Learn How Top Experts Secure Multi-Cloud Workloads Without Slowing Innovation — Join this expert-led session to learn how to protect your cloud workloads without slowing innovation. You’ll discover simple, proven ways to control identities, meet global compliance rules, and reduce risk across multi-cloud environments. Whether you work in tech, finance, or operations, you’ll leave with clear, practical steps to strengthen security and keep your business agile, compliant, and ready for what’s next.
- Guardrails, Not Guesswork: How Mature IT Teams Secure Their Patch Pipelines — Join this session to learn how to patch faster without losing security. You’ll see real examples of how community repositories like Chocolatey and Winget can expose your network if not managed safely — and get clear, practical guardrails to avoid it. Gene Moody, Field CTO at Action1, will show you exactly when to trust community repos, when to go vendor-direct, and how to balance speed with safety so your patching stays fast, reliable, and secure.
- Discover How Leading Enterprises Are Cutting Exposure Time in Half with DASR — Join this live session to discover how Dynamic Attack Surface Reduction (DASR) helps you cut through endless vulnerability lists and actually stop attacks before they happen. You’ll see how smart automation and context-driven decisions can shrink your attack surface, close hidden entry points, and free your team from alert fatigue. Walk away with a clear plan to reduce exposures faster, strengthen defenses, and stay one step ahead of hackers—without adding extra work.
**🔧 Cybersecurity Tools**
- FuzzForge is an open-source tool that helps security engineers and researchers automate application and offensive security testing using AI and fuzzing. It lets you run vulnerability scans, manage workflows, and use AI agents to analyze code, find bugs, and test for weaknesses across different platforms. It’s built to make cloud and AppSec testing faster, smarter, and easier to scale for individuals and teams.
- Butler is a tool that scans all repositories in a GitHub organization to find and review workflows, actions, secrets, and third-party dependencies. It helps security teams understand what runs in their GitHub environment and produces easy-to-read HTML and CSV reports for audits, compliance checks, and workflow management.
- Find-WSUS is a PowerShell tool that helps security teams and system admins find every WSUS server defined in Group Policy. It checks both normal policy settings and hidden Group Policy Preferences that don’t show up in standard reports. This matters because a compromised WSUS server can push fake updates and take control of all domain computers. Using Find-WSUS ensures you know exactly where your update servers are configured—before attackers do.
Disclaimer: These tools are for educational and research use only. They haven’t been fully security-tested and could pose risks if used incorrectly. Review the code before trying them, test only in safe environments, and follow all ethical, legal, and organizational rules.
**🔒 Tip of the Week**
Stop Sensitive Data From Reaching AI Chats — Many teams use AI chat tools to get things done faster, like writing scripts, fixing bugs, or making reports shorter. But everything typed into these systems leaves your company network and may be stored, logged, or reused. If that data includes credentials, internal code, or client information, it becomes an easy leak point.
Attackers and insiders can retrieve this data later, or models could accidentally expose it in future outputs. One careless prompt can expose a lot more than expected.
✅ Add a security layer before the AI. Use OpenGuardrails or similar open-source frameworks to scan and block sensitive text before it’s sent to the model. These tools integrate directly into your apps or internal chat systems.
✅ Pair it with DLP monitoring. Tools like MyDLP or OpenDLP can watch outbound data for patterns like passwords, API keys, or client identifiers.
✅ Create prompt policies. Define what employees can and can’t share with AI systems. Treat prompts like data leaving your network.
Don’t trust AI companies to keep your secrets safe. Add guardrails to your workflow and keep an eye on what leaves your space. You don’t want sensitive data to end up training someone else’s model.
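A minimal version of the "security layer before the AI" from the first item, as an added example that is not part of the original article and does not use the OpenGuardrails, MyDLP or OpenDLP APIs. The detector set, the `CUST-` client identifier format, the entropy threshold and the block/redact policy are assumptions to adapt; the sample prompt, token and host name are constructed.

```python
import math
import re

# Detector name -> pattern. "client_id" is a hypothetical organisation-specific
# format (assumption); replace it with your own identifiers.
DETECTORS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----.*?"
        r"(?:-----END (?:[A-Z]+ )?PRIVATE KEY-----|\Z)", re.S),
    "credential_assignment": re.compile(
        r"[\w-]{0,40}(?:password|passwd|secret|api[_-]?key|token)[\w-]{0,40}"
        r"\s*[:=]\s*['\"]?[^\s'\"]{6,}", re.I),
    "client_id": re.compile(r"\bCUST-\d{6}\b"),
}
TOKEN = re.compile(r"[A-Za-z0-9+/_=-]{24,}")      # candidate opaque secrets
ENTROPY_MIN = 4.0                                  # bits per character (assumption)
BLOCK_ON = {"aws_access_key_id", "private_key_block"}  # never forwarded, even redacted

def shannon_entropy(s):
    """Shannon entropy of the string in bits per character."""
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def find_secrets(text):
    """Return non-overlapping (start, end, detector) findings, ordered by position."""
    spans = []
    for name, rx in DETECTORS.items():
        spans += [(m.start(), m.end(), name) for m in rx.finditer(text)]
    for m in TOKEN.finditer(text):
        if shannon_entropy(m.group()) >= ENTROPY_MIN:
            spans.append((m.start(), m.end(), "high_entropy_token"))
    spans.sort()
    merged = []
    for start, end, name in spans:
        if merged and start < merged[-1][1]:       # overlaps the previous finding
            prev = merged[-1]
            merged[-1] = (prev[0], max(prev[1], end), prev[2])
        else:
            merged.append((start, end, name))
    return merged

def redact(text):
    """Replace every finding with a labelled marker; return (text, detector names)."""
    out, pos, findings = [], 0, find_secrets(text)
    for start, end, name in findings:
        out += [text[pos:start], f"[REDACTED:{name}]"]
        pos = end
    out.append(text[pos:])
    return "".join(out), [name for _, _, name in findings]

def guard(prompt):
    """Decide what happens to a prompt before it leaves the network."""
    redacted, names = redact(prompt)
    if BLOCK_ON & set(names):
        return "block", "", names
    if names:
        return "redact", redacted, names
    return "allow", prompt, names

# Constructed prompt of the kind an engineer might paste into a chat tool.
PROMPT = (
    "Fix this deploy script for client CUST-004217:\n"
    "export DB_PASSWORD=S3cure!pass99\n"
    "curl -H 'X-Auth: q7Zr2LxV9mT4bKc8WjN1pYd6HsG3fAe5' https://api.internal.example/v1/jobs\n"
)

if __name__ == "__main__":
    action, text, names = guard(PROMPT)
    print(action, names)
    print(text)
```

The entropy pass catches secrets with no recognisable prefix or keyword, which pattern-only filters miss; log the detector names, not the matched values.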
**Conclusion**
Just reading headlines won’t cut it. These attacks show what’s coming next—more hidden, more focused, and harder to spot.
Whether you work in security or just want to stay in the loop, this update breaks it down fast. Clear, useful, no extra noise. Take a few minutes and get caught up before the next big threat lands.