Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware.
Androxgh0st malware establishes a botnet for victim identification and exploitation in vulnerable networks, and targets files that contain confidential information, such as credentials, for various high profile applications. Threat actors deploying Androxgh0st malware have been observed exploiting specific vulnerabilities which could lead to remote code execution, including:
In response, CISA is adding these CVEs to its Known Exploited Vulnerabilities Catalog.
CISA and FBI encourage organizations to review and implement the mitigations found in the joint CSA to reduce the likelihood and impact of cybersecurity incidents caused by Androxgh0st malware. For more information, visit CISA’s Malware, Phishing, and Ransomware page.
CISA released four Industrial Control Systems (ICS) advisories on August 19, 2025. These advisories provide…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released thirty-two Industrial Control Systems (ICS) advisories on August 14, 2025. These advisories provide…
CISA, along with the National Security Agency, the Federal Bureau of Investigation, Environmental Protection Agency,…
This website uses cookies.