GlassWorm's Zig Dropper Turns Dev IDEs into Malware Hives
Your coding setup just became a hacker's playground. GlassWorm's latest trick uses a fake WakaTime extension to drop malware across every IDE on your machine.
In-depth coverage of the latest Ransomware & Malware developments, trends, and analysis — curated daily.
A fake Apple popup on your Mac browser isn't just annoying—it's the new face of Atomic Stealer, tricking you into Script Editor instead of Terminal. Apple's security patch? Already outflanked.
Picture this: three ransomware crews behind 40% of last month's attacks. Qilin leads the pack at 20%, while the US eats over half the blows.
Dutch hospitals are offline. ChipSoft's ransomware hit knocks out EHR systems, forcing manual ops and exposing healthcare's fragile IT underbelly.
A phishing email disguised as a government notice. Click. LucidRook unfolds its Lua payload, slipping past defenses in targeted hits on Taiwan. Cisco Talos warns: this is mature tradecraft at work.
A shadowy group called UAT-10362 is phishing Taiwanese NGOs with archives hiding LucidRook, a Lua-powered beast that sidesteps defenses like a ghost in the machine. This isn't random spam—it's targeted espionage with tricks straight out of a cyber spy novel.
A quick download for CPU specs just infected thousands with sophisticated malware. CPUID's API breach shows how even trusted diagnostics become hacker bait.
What if your AI image generator was secretly mining crypto for hackers? A new botnet's turning exposed ComfyUI servers into a profit machine, exploiting custom nodes with ruthless efficiency.
A sneaky DLL drops. Then, two rogue drivers rip through 300+ EDRs like tissue paper. Qilin and Warlock just redefined ransomware evasion.
Over three years, Storm-1175 exploited 16 vulnerabilities—including three zero-days—to unleash Medusa ransomware at breakneck speed. Healthcare orgs are bleeding, but who's cashing in?
The ghost of ransomware past has a face: 31-year-old Daniil Shchukin, aka UNKN. Germany's BKA just doxxed the kingpin behind GandCrab and REvil, gangs that pioneered double extortion and billions in hauls.
Forget the headlines — this hits real German businesses that shelled out €1.9M or watched servers die. BKA's got names, but ransomware's hydra heads just grow back.