APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine

July 2, 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal chat messages to deliver two previously undocumented malware families dubbedd BEARDSHELL and COVENANT.
BEARDSHELL, per CERT-UA, is written in C++ and offers the ability to download and execute PowerShell scripts, as well as

Source: Read More

Previous ArticleSwiss government warns attackers have stolen sensitive data, after ransomware attack at Radix

Next Article China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Highlights

CVE-2025-27025 – Apache HTTP Server Directory Traversal File Read/Write Vulnerability

July 2, 2025

CVE ID : CVE-2025-27025

Published : July 2, 2025, 10:15 a.m. | 1 hour, 28 minutes ago

Description : The target device exposes a service on a specific TCP port with a configured
endpoint. The access to that endpoint is granted using a Basic Authentication
method. The endpoint accepts also the PUT method and it is possible to
write files on the target device file system. Files are written as root.
Using Postman it is possible to perform a Directory Traversal attack
and write files into any location of the device file system. Similarly to the PUT method, it is possible to leverage the
same mechanism to read any file from the file system by using the GET
method.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Psychology Of Color In UX Design And Digital Products

This week in AI dev tools: Claude Sonnet 4’s larger context window, ChatGPT updates, and more (August 15, 2025)

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

Your smart home device just got a performance and security boost for free

Ultrahuman brings advanced cycle and ovulation tracking to its smart ring

DistroWatch Weekly, Issue 1135

14 secret phone codes that unlock hidden features on your Android and iPhone

Air Quality Prediction System using Python ML

Air Quality Prediction System using Python ML

AI’s Hidden Thirst: The Water Behind Tech

Minesweeper game in 100 lines of pure JavaScript – easy tutorial

DistroWatch Weekly, Issue 1135

DistroWatch Weekly, Issue 1135

Ubuntu’s New “Dangerous” Daily Builds – What Are They?

gofmt – formats Go programs

APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine

Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

Repurposing Protein Folding Models for Generation with Latent Diffusion

CVE-2025-3771 – Acronis True Image Local File Write

CVE-2025-43545 – Adobe Bridge Uninitialized Pointer Remote Code Execution Vulnerability

CVE-2025-46220 – Apache HTTP Server Unvalidated User Input

CVE-2025-0921 – Mitsubishi Electric GENESIS64/MC Works64 Symbolic Link Privilege Escalation Vulnerability

CVE-2025-27025 – Apache HTTP Server Directory Traversal File Read/Write Vulnerability

CVE-2025-8742 – Macrozheng Mall Admin Login Remote Authentication Bypass Vulnerability

Vision Foundation Models: Implementation and Business Applications

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine

Related Posts