Tomiris wreaks Havoc: New tools and techniques of the APT group
ID: 98f71f21-7db6-5c97-bf30-b7fc09aa4c09
STIX ID: report--98f71f21-7db6-5c97-bf30-b7fc09aa4c09
Feed Name: Securelist by Kaspersky
Kaspersky reports that the Tomiris APT launched a 2025 campaign targeting foreign ministries, intergovernmental organizations, and government entities. The group used multi-language implants (Go, Rust, C/C#/C++, Python, PowerShell), leveraged public services (Telegram/Discord) for C2, and deployed post-exploitation frameworks (AdaptixC2, Havoc). The report includes detailed technical analysis, attack chains, and extensive IOCs (file hashes, domains, IPs, URLs, webhooks) for detection and mitigation.
