CVE Tools
Back to feed
The Hacker News ·EN News source PoC publicMicrosoft SharePointZimbra Collaboration SuiteMicrosoft Exchange Server

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks

By The Hacker News··4 min read
CVE Tools coverage

A newly identified campaign dubbed StrikeShark distributes the previously unknown Windows malware family SharkLoader, which then deploys Cobalt Strike Beacon on compromised systems. Kaspersky reports targeting includes organizations in Indonesia, Taiwan, and multiple other countries, using publicly available post-compromise tools and opportunistic exploitation of exposed services. The initial access leverages vulnerabilities such as ProxyLogon (CVE-2021-26855), Openfire traversal flaws (CVE-2023-32315), and GeoServer remote code execution (CVE-2024-36401), highlighting an elevated risk of espionage and follow-on payload delivery.