
Daily Cybersecurity Roundup, March 10, 2025

The cybercrime underworld is throwing a malware mixer, and everyone’s invited. Heavy hitters like FIN7, FIN8, and others are passing around the Ragnar Loader toolkit like a hot potato. The ESP32 microchip has been caught hiding multiple undocumented commands - little Easter eggs that could turn into a playground for mischief if the wrong hands get curious. Ransomware crews are swapping chaos for precision in their latest heist spree. Ditching the scattershot vuln-hunting approach, groups are now zeroing in on the low-hanging fruit. Read on for more.

01

Several cybercrime and ransomware groups, including Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis, have been using the Ragnar Loader malware toolkit.

02

The ESP32 microchip, manufactured by Espressif and used in over 1 billion devices, has been found to contain 29 undocumented commands that could potentially be used for malicious purposes.

03

A vulnerability, identified as CVE-2025-24043, has been discovered in Microsoft's WinDbg debugger. This flaw could allow RCE due to improper cryptographic signature verification in the SOS debugging extension.

04

A widespread mobile phishing campaign is currently targeting U.S. residents with fake texts about unpaid parking violations, pretending to be from various city parking departments.

05

Volt, a popular functional API for Livewire with over 1.08 million downloads, has addressed a critical RCE vulnerability, tracked as CVE-2025-27517.

06

U.S. authorities seized $23 million in cryptocurrency linked to a $150 million Ripple wallet theft, which is suspected to be connected to the 2022 LastPass breach.

07

The use of unauthorized copies of the testing tool Cobalt Strike has decreased by 80% over the last two years, following a global crackdown led by Fortra, Microsoft, and Health-ISAC.

08

According to a report, ransomware groups have transitioned from mass exploitation of vulnerabilities to more reliable and repeatable methods, such as targeting weak credentials on VPN and gateway accounts without MFA.

09

A new survey by SoSafe noted that 87% of security professionals have encountered AI-driven cyberattacks in the past year, with 91% anticipating a significant increase in such threats over the next three years.

10

Cyber exposure management vendor Armis purchased OT security firm Otorio for $120 million.
