New! Try the FREE Predictive Security Plugin for WordPress – Scan, Secure & Stay Safe in Seconds!

Current CyberSecurity Advisories

Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware

Release date

21 May 2025

Alert rating

HIGH

Description

Today, CISA and the Federal Bureau of Investigation released a joint Cybersecurity Advisory, LummaC2 Malware Targeting U.S. Critical Infrastructure Sectors.

Audience

Cyber security professionalsLarge organisationsPublic sectorGovernment

Current update

Today, CISA and the Federal Bureau of Investigation released a joint Cybersecurity Advisory, LummaC2 Malware Targeting U.S. Critical Infrastructure Sectors.

This advisory details the tactics, techniques, and procedures, and indicators of compromise (IOCs) linked to threat actors deploying LummaC2 malware. This malware poses a serious threat, capable of infiltrating networks and exfiltrating sensitive information, to vulnerable individuals’ and organizations’ computer networks across U.S. critical infrastructure sectors.

As recently as May 2025, threat actors have been observed using LummaC2 malware, underscoring the ongoing threat. The advisory includes IOCs tied to infections from November 2023 through May 2025. Organizations are strongly urged to review the advisory and implement the recommended mitigations to reduce exposure and impact.

This product is provided subject to this Notification and this Privacy & Use policy.

Source

https://www.cisa.gov/news-events/alerts/2025/05/21/threat-actors-target-us-critical-infrastructure-lummac2-malware

Protect your assets with Predictive

🤖 Hello, how can I assist you today?
I can help you with:
✅ Answer questions related to the website.
✅ Help you understand things you don't know.

❓ What's Tisalabs

💻 What's IoT

🔒 Why sensor data must be protected?