Threat actors supporting Russia's geopolitical interests are using Linux-based virtual machines (VMs) to obfuscate their activities from Windows endpoint security tools. The group is tracked as "Curly ...
Curly COMrades deployed Alpine Linux VMs on Windows hosts to hide reverse-shell malware activity. VM traffic tunneled via host IP, bypassing traditional EDR and masking outbound communications. Targets ...
Qilin ransomware uses WSL to run Linux encryptors stealthily on Windows systems. Attackers bypass Windows defenses by executing ELF binaries inside WSL environments. EDR tools miss WSL-based threats, ...
This month in security with Tony Anscombe – November 2025 edition: Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month ...