Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
Briefly

The article highlights that attackers are increasingly breaching systems before security patches are implemented, emphasizing the need for a proactive security approach. It details the exploitation of a Windows 0-day vulnerability (CVE-2025-29824) by a group identified as Storm-2460 for ransomware attacks. Furthermore, it discusses another instance where ESET antivirus was compromised by the China-aligned APT group, ToddyCat, leading to the silent execution of malware. The overarching message stresses that organizations must prepare for contingencies and anticipate that trust in any system might be misplaced.
Even after a breach is detected and patched, some attackers stay hidden.
It's not enough to react after an attack. You have to assume that any system you trust today could fail tomorrow.
An exploit for the vulnerability has been found to be delivered via a trojan called PipeMagic.
The China-aligned advanced persistent threat (APT) group ToddyCat has exploited a vulnerability in ESET's antivirus software.
Read at The Hacker News