New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

August 12, 2025
No Comments

New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks.
“They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network,”

Leave a Reply Cancel reply

Breach at Dutch Lab Exposes Data of 485,000 in Cervical Cancer Screening August 12, 2025
A breach at a Dutch laboratory has exposed the personal and medical data of more than 485,000 women in the national cervical cancer screening programme. The attack hit Clinical Diagnostics NMDL, a Eurofins subsidiary in Rijswijk. The lab tests self-sample kits and smear test samples for Bevolkingsonderzoek Nederland (Population Research Netherlands). Bad actors accessed names, […]
Kirsten Doyle
Researchers Expose GPT-5 Jailbreak That Bypasses Safety Controls August 12, 2025
Cybersecurity researchers at two companies have uncovered a jailbreak technique that bypasses ethical guardrails set up by OpenAI in its latest large language model (LLM), GPT-5, and produces illicit instructions. AI security startup SPLX, used more than 1,000 adversarial prompts in different configurations and found that the raw, unguarded GPT-5 without a system prompt will […]
Kirsten Doyle
Invitation Is All You Need: How Researchers Used a Calendar Event to Hijack Gemini Agents August 11, 2025
A Google Calendar invite. That’s all it took. Researchers from SafeBreach Labs have shown that an LLM-powered assistant like Google’s Gemini can be tricked into running malicious commands, accessing sensitive data, and even manipulating physical devices in a victim’s home, without a single click. Their work introduces a new variant of Promptware, called Targeted Promptware […]
Kirsten Doyle
Red Canary Flags Rapid Rise in Cloud-Based Attacks August 11, 2025
Red Canary has published its mid-year update to the 2025 Threat Detection Report, and the message is that threat actors are shifting tactics, and identity is the new battleground. Based on detections gathered in the first half of the year, the update shows a marked rise in cloud and identity threats, along with troubling signs […]
Kirsten Doyle
Over a Million Medical Devices Exposed Online, Revealing Private Patient Scans August 7, 2025
The healthcare industry’s digital expansion may be exposing more than it protects. How would you feel if strangers online saw your MRI scan and knew your diagnosis, maybe even before you did? That’s not a hypothetical, it’s already happening. New research from Modat shows that more than 1.2 million internet-connected healthcare devices and systems are […]
Kirsten Doyle
What Happens When Devices Cross Borders? The Role of Geofencing in Global IT August 7, 2025
Regional conflicts have triggered a significant corporate exodus, with many organizations shifting bases. This resulted in employees and their devices constantly being on the move. However, this isn’t an entirely new phenomenon. Nearly half a decade ago, the post-pandemic era had already ushered in a generation of borderless businesses and digital nomads. Globalization, economic incentives, […]
Apu Pavithran
All That Glitters Isn’t Secure: Pandora Confirms Data Breach August 7, 2025
Pandora, the world’s largest jewelry brand by revenue, has confirmed it was the target of a cyberattack that exposed customer data. The Danish company, known for its charm bracelets and global retail presence, said the breach occurred via a third-party platform it uses for customer services. The incident, first reported by Forbes, adds Pandora to […]
Kirsten Doyle
WhatsApp Shuts Down 6.8 Million Scam Accounts August 7, 2025
WhatsApp has removed nearly seven million accounts tied to global scams in just six months, the BBC reports. According to parent company Meta, many of these accounts were traced back to scam centres in South East Asia, some operated by criminal networks using forced labour. The revelation comes alongside WhatsApp’s rollout of new anti-scam tools, […]
Kirsten Doyle
The Hidden Threats of Agentic AI August 6, 2025
The autonomy of agentic AI is exciting, until it isn’t. With more initiative comes more unpredictability, which opens the door to serious, often overlooked security risks. From hijacked instructions to cascading failures across digital supply chains, agentic AI isn’t just smart—it’s dangerous when unchecked. Before we give these systems the keys to the digital kingdom, […]
Isla Sibanda
Behind the Seams: Chanel Joins List of Luxury Brands Hit by Data Breaches August 6, 2025
Chanel has confirmed a data breach that affected its U.S. client care database. The news first came from WWD on Friday. The incident happened on July 25 and involved unauthorized access to a database managed by a third-party provider. A company spokeswoman confirmed the incident, saying: “The investigation indicates that there was unauthorized access to […]
Kirsten Doyle

New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions

Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses

Leave a Reply Cancel reply

[email protected]

New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

Share :

Leave a Reply Cancel reply