[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:new-sharkloader-malware-deploys-cobalt-strike-in-strikeshark-cyberattacks-mqvf7hx8":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":12,"action_required":17,"article_ids":18,"ioc_summary":20,"source_urls":21,"status":23,"expires_at":24,"created_at":25,"updated_at":26,"articles":27},"12225979-9902-44a6-823a-22af7b3d04b8","New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks","new-sharkloader-malware-deploys-cobalt-strike-in-strikeshark-cyberattacks-mqvf7hx8","SharkLoader malware is actively deploying Cobalt Strike Beacon in the StrikeShark campaign targeting government, diplomatic, and software development organizations in Indonesia, Taiwan, and beyond. Attackers are exploiting known Exchange vulnerabilities (ProxyLogon, ProxyNotShell) for initial access. Successful compromise leads to command and control via Cobalt Strike, enabling lateral movement and data exfiltration.","critical","advisory",[],[13,14,15,16],"Kaspersky","Exchange Server","Openfire","GeoServer","Hunt for and block SharkLoader and Cobalt Strike IOCs across your network. Prioritize monitoring Exchange servers for exploitation attempts and suspicious authentication patterns. Scan for lateral movement and beacon callbacks.",[19],"6b91d4bc-fd8a-4697-95e9-9519bf4724c8",null,[22],"https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fnew-sharkloader-malware-deploys-cobalt.html","active","2026-06-28T21:05:42.011+00:00","2026-06-26T21:05:46.482792+00:00","2026-06-26T21:05:51.961639+00:00",[28],{"id":19,"title":6,"url":22}]