In recent weeks, a new and rapidly expanding ransomware-as-a-service (RaaS) program called VanHelsingRaaS has been making waves in the cybercrime world, having infected three victims within just two weeks of its introduction.
Check Point Research discovered a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. The campaigns are linked to Blind Eagle and deliver malicious .url files.
In a campaign targeting hundreds of organizations worldwide, cyber criminals are exploiting Microsoft Visio files (.vsdx) and SharePoint to execute two-step phishing attacks.
Styx Stealer is based on the Phemedrone Stealer and is available for purchase online. It has the ability to steal passwords, cookies, crypto wallet data, and messenger sessions, as well as gather system information.
Server-Side Template Injection (SSTI) vulnerabilities are a growing concern in web applications, allowing attackers to inject malicious code into templates and gain control over servers.
Process Injection is a vital technique used by attackers to evade detection and escalate privileges. Thread Name-Calling has emerged as a new injection technique that abuses Windows APIs for thread descriptions to bypass endpoint protection products.
Research conducted by Check Point has revealed how fraudsters are exploiting legitimate blockchain protocols to carry out sophisticated scams. The Uniswap Protocol and Safe.global are among the platforms targeted by these attackers.
The deployment of BugSleep is a significant development in MuddyWater's tactics: the group targets various sectors with phishing emails that lead to the distribution of Remote Management Tools and the BugSleep malware.
Google's V8 engine can compile JavaScript into low-level bytecode, which makes analysis and detection difficult. Attacks that use this bytecode ensure it is compatible with the V8 engine so that it executes successfully.