APT36 hackers abuse Linux .desktop files to install malware
The Pakistani APT36 cyberspies are using Linux .desktop files to load malware in new attacks against government and defense entities in India. [...]
Abuse covers the misuse of accounts, services, and systems for fraud, intrusion, harassment, or other harmful cyber activity.
Search across headline titles and summaries.
Background for this topic.
Abuse in cybersecurity means using systems, networks, or services in unauthorized or harmful ways, such as sending spam, hijacking accounts, or launching Distributed Denial of Service (DDoS) attacks. It often exploits weak authentication, misconfigurations, or gaps in policies to gain access or disrupt services. Common abuse techniques include credential stuffing, phishing, and using compromised infrastructure to amplify attacks.
Managing abuse is critical because it can degrade service availability, expose sensitive data, and damage organizational reputation. Security teams focus on detecting unusual activity patterns, enforcing multi-factor authentication, and applying rate limits to reduce automated abuse. Timely abuse reporting and automated detection tools help identify and block malicious behavior, making abuse mitigation a key part of maintaining secure and reliable systems.
The Pakistani APT36 cyberspies are using Linux .desktop files to load malware in new attacks against government and defense entities in India. [...]
Darktrace observed a coordinated campaign on customer SaaS accounts, all of which involved logins from IP addresses linked to VPS providers
New research highlights how threat actors abuse legitimate virtual private server offerings in order to spin up infrastructure cheaply, quietly, and fast.
Some LLM-created scripts and emails can lower the barrier of entry for low-skill attackers, who can use services like Lovable to create convincing, effective websites in minutes.