Cybersecurity researchers uncovered a sophisticated attack on a U.S.-based real estate company that relied on the new Tuoni command-and-control framework. The intrusion combined social engineering, steganography, and a loader whose code shows signs of AI assistance, highlighting the growing misuse of red team tooling by threat actors. #Tuoni #RedTeamFramework
Key points
- The attackers used the emerging Tuoni C2 framework for remote control and stealthy post-compromise operations.
- Initial access was gained through social engineering: the threat actor impersonated a trusted party on Microsoft Teams.
- Malicious payloads were hidden inside bitmap images using steganography to evade detection.
- The attack delivered PowerShell scripts that executed shellcode entirely in memory, leaving no payload on disk for file-based scanning to catch.
- The code structure of the malicious loader showed signs of AI assistance, pointing to increasingly sophisticated tooling on the attacker side.
Read More: https://thehackernews.com/2025/11/researchers-detail-tuoni-c2s-role-in.html