> TritonInfoSec News
Home / Feb 28, 2026 / Story
0
#2 BleepingComputer general February 27, 2026 at 19:21 UTC

APT37 hackers use new malware to breach air-gapped networks

By Bill Toulas

AI Summary

North Korean APT37 (ScarCruft) deployed new tools including a backdoor using Zoho WorkDrive for C2 communications and USB-based malware to breach air-gapped networks and conduct covert surveillance. The Ruby Jumper campaign demonstrates advanced techniques for moving data between isolated and internet-connected systems via removable media.

Read full article → https://www.bleepingcomputer.com/news/security/apt…

Relevance score: 95.0/100

# More from February 28

  1. 1
    Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access The Hacker News
  2. 3
    CISA warns that RESURGE malware can be dormant on Ivanti devices BleepingComputer
  3. 4
    900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks The Hacker News
  4. 5
    Europol-led crackdown on The Com hackers leads to 30 arrests BleepingComputer
  5. 6
    Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space Ars Technica Security
  6. 7
    DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams The Hacker News
  7. 8
    Ukrainian man pleads guilty to running AI-powered fake ID site BleepingComputer
  8. 9
    New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises Ars Technica Security
  9. 10
    Ransomware payment rate drops to record low despite attack surge BleepingComputer