CSOonline

New Chinese attack framework Alchimist serves Windows, Linux, and macOS implants

Researchers have discovered a new attack framework of Chinese origin that they believe is being used in the wild. The framework is made up of a command-and-control (C2) backend dubbed Alchimist and an ...
Bleeping Computer

New Alchimist attack framework targets Windows, macOS, Linux

Cybersecurity researchers have discovered a new attack and C2 framework called 'Alchimist,' which appears to be actively used in attacks targeting Windows, Linux, and macOS systems. The framework and ...
Dark Reading

Feature-Rich 'Alchimist' Cyberattack Framework Targets Windows, Mac, Linux Environments

Researchers have uncovered a potentially dangerous cyberattack framework targeting Windows, Linux, and Mac systems that they assess is likely already being used in the wild. The framework consists of ...
Infosecurity-magazine.com

AI-Enhanced Tuoni Framework Targets Major US Real Estate Firm

A highly advanced intrusion attempt using the emerging Tuoni C2 framework targeted a major US real estate company in October 2025. The attack, observed by Morphisec and described in an advisory ...
Bleeping Computer

New Specula tool uses Outlook for remote code execution in Windows

Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm ...
CSOonline

Command-and-control framework PhonyC2 attributed to Iran’s Muddywater group

PhonyC2 was used to exploit the log4j vulnerability in the Israeli software SysAid, the attack against Israel’s Technion institute, and the ongoing attack against the PaperCut print management ...