InfoSecBulletin Cybersecurity for mankind
RedMike (Salt Typhoon) targeted university devices in Bangladesh, likely to access research in telecommunications, engineering, and technology, especially from institutions like UCLA and TU Delft.
Recorded Futureʼs Insikt Group identified the campaign targeted universities in various countries like Argentina, Indonesia, Malaysia, Mexico, the Netherlands, Thailand, the United States, and Vietnam.
UK Software Firm Exposed 8 million of Healthcare Worker Records
GitHub Enterprise Server Vulns Expose Risk of Code Execution
CVE-2025-2492
ASUS warns of critical auth bypass flaw in routers
16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE
CISA warns of increasing risk tied to Oracle legacy Cloud leak
CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App
Apple released emergency security updates for 2 zero-day vulns
Oracle Released Patched for 378 flaws for April 2025
CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild
According to the report, RedMike possibly targeted the following universities to access research in areas related to telecommunications, engineering, and technology, particularly at institutions like UCLA and TU Delft.
● Islamic University of Technology (IUT) — Bangladesh
● University of California, Los Angeles (UCLA) — US
● California State University, Office of the Chancellor (CENIC) — US
● Loyola Marymount University — US
● Utah Tech University — US
● Universidad de La Punta — Argentina
● Universitas Sebelas Maret — Indonesia
● Universitas Negeri Malang — Indonesia
● University of Malaya — Malaysia
● Universidad Nacional Autonoma — Mexico
● Technische Universiteit Delft — The Netherlands
● Sripatum University — Thailand
● University of Medicine and Pharmacy at Ho Chi Minh City — Vietnam
On the other hand, a sophisticated malware campaign is targeting military and government entities in Bangladesh. It uses social engineering to deliver malicious files disguised as official documents, aiming to infiltrate secure networks, steal credentials, and access sensitive systems.
Threat Intelligence Community of Bangladesh warns that a malware campaign is exploiting the critical WinRAR vulnerability (CVE-2023-38831) in versions before 6.23. This vulnerability allows malicious files, like 508.rar, to execute arbitrary code on affected systems, which may lead to unauthorized access or malware installation.
This campaign emphasizes the ongoing cyber threats to Bangladesh’s critical sectors. Experts urges all entities to be more vigilant and take proactive security measures.
Malware campaign target Bangladeshi Government Entities: Report
