helpnetsecurity

Cybercriminals are going after law firms’ sensitive client data

Law firms are increasingly becoming prime targets for cybercriminals due to the sensitive nature of the data they handle, including client communications, financial records, and legal strategies.

AI made crypto scams far more dangerous

The first half of 2025 witnessed a surge in AI-powered cryptocurrency scams, resulting in over $3.01 billion in stolen assets. These scams leverage artificial intelligence to automate and scale phishing, impersonation, and malware distribution.

Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack

A self-replicating JavaScript worm named Shai-Hulud has compromised over 180 npm packages in a rapidly evolving supply chain attack. The worm targets npm developers, leveraging stolen credentials to propagate itself and exfiltrate sensitive data.

Old file types, new tricks: Attackers turn everyday files into weapons

Phishing emails accounted for 61% of threats reaching endpoints. Archives were the top delivery method (40%), followed by scripts and executables (35%). Attackers used realistic invoice-themed emails with SVG and PDF attachments to lure victims.

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot

HybridPetya mimics Petya/NotPetya and introduces the ability to bypass UEFI Secure Boot using CVE-2024-7344. Although not yet seen in the wild, it demonstrates a significant evolution in ransomware capabilities by targeting UEFI-based systems.

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls

Akira ransomware affiliates continue to exploit SonicWall firewalls by leveraging a combination of vulnerabilities and misconfigurations. Despite the availability of a patch for CVE-2024-40766, many systems remain unpatched.

When typing becomes tracking: Study reveals widespread silent keystroke interception

Researchers from multiple institutions analyzed 15,000 websites and found that 91% used JavaScript event listeners to monitor user interactions. Approximately 40% of websites captured keystrokes before users pressed submit.

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers

A sophisticated malvertising campaign, dubbed GPUGate, is actively targeting IT professionals in the EU by distributing fake GitHub Desktop installers. The campaign aims to gain initial access to enterprise environments for credential theft.

Employees keep feeding AI tools secrets they can’t take back

A significant number of employees are sharing sensitive data, such as customer records, financial results, and login credentials, with public AI platforms. This data is often submitted from unmanaged devices that security teams cannot monitor.

Attackers test the limits of railway cybersecurity

Railway systems are increasingly vulnerable to cyberattacks due to digital transformation, legacy infrastructure, and geopolitical tensions. A critical bug discovered in 2012 allows attackers to remotely trigger emergency brakes on American trains.
