Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper

A new ransomware-as-a-service (RaaS) group has emerged and has been making a name for itself in 2025. Anubis is a recently identified group that sets itself apart by partnering encryption with more destructive capabilities—wiping directories which severely impact chances of Read More …

US government’s vaccine website defaced with AI-generated content

A U.S. government website designed to inform the public about vaccines has been defaced and now hosts apparently AI-generated spam. The domain, which belongs to the U.S. Department of Health and Human Services (HHS), appears to have been hosting the Read More …

Toxic trend: Another malware threat targets DeepSeek

DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs. Kaspersky previously reported attacks with malware being spread Read More …

BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict

There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024. This lapse also included the leaked Black Basta chat logs in February 2025, indicating internal conflict within the group. Read More …

Sleep with one eye open: how Librarian Ghouls steal data by night

Librarian Ghouls, also known as “Rare Werewolf” and “Rezet”, is an APT group that targets entities in Russia and the CIS. The group has remained active through May 2025, consistently targeting Russian companies. A distinctive feature of this threat is Read More …

Fortinet Flaws Exploited by Qilin Ransomware

Fortinet was recently found to have certain vulnerabilities that hackers like the Qilin group exploited. Here’s how they manipulated these weaknesses: Misconfigurations in security appliances provided a direct entry point for Qilin. Outdated Software: Failure to update Fortinet software allowed the Read More …

GoldenEye Dog (APT-Q-27) gang’s recent use of “Silver Fox” Trojan stealing activities

GoldenEyeDog (tracked internally as APT-Q-27 by Qi’anxin) is a hacking group targeting people involved in gaming and dog-pushing in Southeast Asia, as well as the overseas Chinese community, with a range of business activities including remote control, mining, DDoS attacks, Read More …

Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721

The abuse of known security flaws to deploy bots on vulnerable systems is a widely recognized problem. Many automated bots constantly search the web for known vulnerabilities in servers and devices connected to the internet, especially those running popular services. Read More …

Texas: Drivers’ data compromised in TxDOT data breach of nearly 300,000 crash reports

The Texas Department of Transportation said it is reaching out to Texans whose personal data was compromised during a data breach that led to the improper download of nearly 300,000 crash reports. Personal data included in crash reports includes: full Read More …

Ransomware hiding in fake AI, business tools

Artificial intelligence (AI) and small business tools are being abused as smokescreens to hit unsuspecting victims with ransomware. In the masquerade campaigns discovered by Cisco Talos, cybercriminals hid malware behind software and install packages that mimicked the websites or names Read More …