The cybersecurity landscape has witnessed a dramatic 700% increase in ransomware attacks targeting hypervisors, with their role in malicious encryption surging from 3% in the first half of the year to 25% in the second half.

Initial Access Brokers have become pivotal in the cybercrime ecosystem, facilitating the outsourcing of intrusion tasks to advanced adversaries. This commoditization of access to critical systems allows IABs to sell access to the highest bidder.

The FBI has issued a warning about a new scam where criminals harvest photos from social media platforms like Facebook, LinkedIn, and X to stage fake kidnappings. These photos are used as "proof-of-life" to extort ransom from the victim's family.

The UK's National Cyber Security Centre (NCSC) has issued a warning about the persistent threat of "prompt injection" attacks on AI systems. These attacks manipulate AI models into executing unintended commands, posing a significant security risk.

The ToolShell campaign has exposed critical vulnerabilities in Microsoft's SharePoint software, exploited by three Chinese hacking groups: Linen Typhoon, Violet Typhoon, and Storm-2603.

The JS#SMUGGLER campaign leverages compromised websites to deploy the NetSupport RAT, that allows attackers full control over victim systems. The campaign targets enterprise users through a sophisticated multi-stage web-based malware operation.

ChrimeraWire trojan manipulates search engine rankings by simulating user activity through Chrome. Unlike traditional malware, it focuses on boosting the visibility of specific websites in search results rather than stealing data or encrypting files.

Two malicious VSCode extensions, Bitcoin Black and Codo AI, have been identified on Microsoft's registry. These extensions, published under the developer name 'BigBlack', are designed to infect developers' machines with information-stealing malware.

American pharmaceutical firm Inotiv said that an attack had disrupted business operations after some of its networks and systems (including databases and internal applications) were taken down.

A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa's Predator spyware.