A deep-dive analysis by Gen Digital (Gen Threat Labs) has unveiled AuraStealer, an emerging Malware-as-a-Service (MaaS) that is rapidly gaining traction in underground forums by leveraging a devious distribution tactic known as “Scam-Yourself.”

A deceptive social engineering tactic known as “ClickFix” has evolved into a gateway for major ransomware attacks, with researchers uncovering a direct link between these fake verification prompts and the notorious Qilin ransomware group.

Activity dating back to 2023 reveals malicious actors have impersonated senior U.S. state government, White House, and Cabinet level officials, as well as members of Congress to target individuals.

CISA, National Security Agency, and Canadian Centre for Cyber Security have released an update to the Malware Analysis Report BRICKSTORM Backdoor with indicators of compromise (IOCs) and detection signatures for additional BRICKSTORM samples.

Artem Aleksandrovych Stryzhak, 35, was extradited from the Spanish city of Barcelona earlier this year after being arrested in June 2024. He pleaded guilty to one count of conspiracy to commit computer fraud, according to the US Justice Department.

A sophisticated malware distribution campaign has been identified, leveraging the YouTube Ghost Network to deploy GachiLoader, a heavily obfuscated Node.js-based loader. This loader delivers Rhadamanthys infostealer to unsuspecting victims.

The Clop ransomware gang is actively targeting Gladinet CentreStack file servers in a new data theft extortion campaign. This campaign involves scanning for and breaching Internet-exposed CentreStack servers.

Microsoft has released an out-of-band (OOB) update (KB5074976) to address issues with the Message Queuing (MSMQ) functionality in Windows 10, which arose after the December 9, 2025, update.

A sophisticated phishing campaign has been identified, utilizing weaponized PDF documents to steal corporate credentials. The phishing emails contain a PDF attachment named "NEW Purchase Order # 52177236.pdf.

The emergence of DIG AI, an uncensored darknet AI assistant, has been identified as a significant threat, with a notable increase of over 200% in mentions and use of malicious AI tools from 2024 to 2025.