The Hacker News

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.

New RoadK1ll WebSocket implant used to pivot on breached networks

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to ...