A loose collective of mostly low-skilled actors, CyberVolk absorbs and adapts a wide array of destructive malware for use against political targets.
Kryptina's adoption by Mallox affiliates complicates malware tracking as ransomware operators blend different codebases into new variants.
Cloud attack tool has been repurposed by multiple threat actors to push SMS spam and smishing campaigns through major SaaS providers.
Actors are masquerading as hacktivists targeting AI-centric communities with commodity malware and customized LockBit payloads.
Threat actors leverage cloud services to conduct massive smishing campaign through AWS Simple Notification Service.
FBot arms threat actors with a multi-function attack tool designed to hijack cloud, Saas and web services.
Cloud credentials stealing campaign expands to target Azure and Google Cloud via unpatched web app vulnerabilities.
Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.
New Linux version of the IceFire ransomware have been observed in recent network intrusions of media and entertainment enterprises.
An in-the-wild ELF variant of Cl0p ransomware shows the gang is looking beyond traditional Windows targets.
