Skip to content
Cisco Talos researchers published a detailed technical report on July 16 disclosing UAT-11795, a financially motivated, Russian-speaking threat actor that has been running a malware campaign against users in the United States and Europe since at least June 2025. The operation distributes trojanized installers for software that IT professionals and developers actually use: MobaXterm, Cisco Webex, Z...
New Russian Campaign Uses Fake Webex and Zoom Installers to Deploy Starland RAT | Huntaegis