Related Posts

Türkiye-Based Hackers Exploit Zero-Day in Output Messenger to Deploy Golang Backdoors on Kurdish Servers

May 13, 2025
Category: Zero-Day / Vulnerability

A Türkiye-linked threat actor has exploited a zero-day vulnerability in the Indian enterprise communication tool Output Messenger as part of a cyber espionage campaign that began in April 2024. According to the Microsoft Threat Intelligence team, these exploits have led to the collection of sensitive user data from targets in Iraq. The focus of the attacks appears to align with the Kurdish military in Iraq, consistent with the previously documented objectives of the group known as Marbled Dust. This threat group, which has also been referred to as Silicon, Cosmic Wolf, Sea Turtle, Teal Kurma, and UNC1326, has been active since at least 2017. However, it wasn’t until 2019 that Cisco Talos documented their activities against both public and private entities in the Middle East and North Africa. Early last year, the group was also noted for targeting telecommunications and media sectors.

Moldovan Police Detain Suspect Linked to €4.5 Million Ransomware Attack on Dutch Research Institution

May 13, 2025
Cybercrime / Ransomware

Authorities in Moldova have arrested a 45-year-old foreign national suspected of orchestrating multiple ransomware attacks against Dutch businesses in 2021. “He is wanted internationally for various cybercrimes, including ransomware attacks, blackmail, and money laundering targeting firms in the Netherlands,” officials stated on Monday. As part of the operation, police confiscated over €84,000 ($93,000) in cash, an electronic wallet, two laptops, a mobile phone, a tablet, six bank cards, two data storage devices, and six memory cards. While the suspect’s identity remains undisclosed, he was apprehended during a search of his residence in Moldova. Notably, he is accused of launching a ransomware attack on the Netherlands Organization for Scientific Research (NWO) in February 2021, resulting in damages estimated at €4.5 million. This incident also led to the leak of internal documents.