Intelligence Insights: March 2025

**Executive Summary:** This intelligence brief highlights the continued presence and detection of USB worms—including Phorpiex, Tangerine Turkey, Gamarue, and PyFileDel—explaining their propagation via removable media, environment-specific risk factors (notably in manufacturing), and practical mitigations and detection opportunities such as monitoring Windows Explorer spawning cmd.exe to detect common worm execution patterns.