07 Nov, 2025

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run malware. Inside the virtual environment, the threat actor hosted its custom tools, the CurlyShell reverse shell and the CurlCat reverse proxy, which enabled operational stealth and communication. […]

Windows Server emergency update fixes Hyper-V VM freezes, restart issues

Microsoft has released an emergency update to address a known issue causing some Hyper-V virtual machines with Windows Server 2022 to freeze or restart unexpectedly. These problems mainly impact Azure confidential VMs, which are designed to protect data while being processed, not just when it’s transmitted or stored. Redmond has addressed this issue with the […]

New Windows Server emergency updates fix container launch issue

Microsoft has released emergency Windows Server updates to address a known issue preventing Windows containers from launching. The issue affects only containers running under Hyper-V isolation mode, which allows multiple containers to run simultaneously on a single Windows host inside separate virtual machines. “This update fixes an issue caused by 2025.04 B container images released […]

RedCurl cyberspies create ransomware to encrypt Hyper-V servers

A threat actor named ‘RedCurl,’ known for stealthy corporate espionage operations since 2018, is now using a ransomware encryptor designed to target Hyper-V virtual machines. Previously, RedCurl was spotted by Group-IB targeting corporate entities worldwide, later expanding its operations and increasing the victim count. However, as Bitdefender Labs researchers report, the threat actors have started deploying ransomware […]
