Today's Core Dump is brought to you by ThreatPerspective

Russian spies pack custom malware into hidden VMs on Windows machines

Curly COMrades strike again Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware.

Published: 2025-11-04T18:53:59