A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks.”They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network,”
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/08/new-curly-comrades-apt-using-ngen-com.html
