'Lorem Ipsum' Malware Pivots to ClickFix Delivery
New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and data extortion group Vice Society.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and data extortion group Vice Society.
Shanya is the latest in an emerging field of packing malware, selling obfuscation functionality in order to help ransomware actors reach their target.
The malware, which has traits of Petya ransomware and the infamous NotPetya wiper, is designed to target UEFI-based systems, according to researchers.
New features to take over smartphones and monitor user activity demonstrate the continued evolution of the malware, which is now being spread on GitHub.
Attackers are wielding the sophisticated modular malware while exploiting CVE-2025-29824, a previously zero-day flaw in Windows Common Log File System (CLFS) that allows attackers to gain system-level privileges on compromised systems.
DPRK hackers are throwing every kind of malware at the wall and seeing what sticks, deploying stealers, backdoors, and ransomware all at once.
The first documented deployment of the novel malware in a campaign against the Middle Eastern public sector and aviation industry may be tied to China's state-sponsored actor Earth Baxia.
In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.
The group is using the Medusa malware and taking up space once held by other notable ransomware groups like LockBot, increasing its victim list to 400 and demanding astoundingly high ransoms.
The future of the formerly fearsome cybercriminal group remains uncertain as key members have moved to a new affiliation, in fresh attacks that use novel persistence malware BackConnect.
Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim.
Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans.
Qualified applicants must be able to test ransomware encryption and find bugs that might enable defenders to jailbreak the malware.
The latest version of the evolving threat is a multi-stage attack demonstrating a move away from ransomware to purely espionage activities, typically targeting Ukraine and its supporters.
With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware.
The pivot is one of several changes the groups using the malware have used in recent attacks.
The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks
The prolific ransomware group has shifted away from phishing as the method of entry into corporate networks, and is now using initial access brokers as well as its own tools to optimize its most recent attacks.
Attackers clear logs before exploitation and use "no caller ID" numbers to negotiate ransoms, complicating detection and forensics efforts.
A new, improved variant on the group's malware combines fileless infection, BYOVD, and more to cause havoc in virtual environments.