New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware
Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive pro...
20 articles
Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive pro...
GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational platform. This blog analyzes how...
A foreign, financially motivated group was responsible for a cyberattack on state-owned forestry company Latvijas Valsts Mezi (LVM), officials said.
A targeted GodDamn ransomware incident shows the payload is not entirely new but the latest rebrand of a long-running family. Analysis reveals strong code ov...
Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part ...
Hackers accessed the institution’s internal network and deleted two drives containing employee, student, and university data. The post Mount Royal University...
A recent technical analysis of an Everest ransomware encryptor reveals a purpose-built, ConfuserEx-protected .NET 4.
A 15-year-old boy asked a chatbot for help - and cancelled nearly 47,000 anime streaming subscriptions in under four hours. Meanwhile, researchers have docum...
The CIRCIA rule mandates that critical infrastructure entities report substantial cyber incidents within 72 hours and ransomware payments within 24 hours.
TeamPCP’s wide-scale supply-chain compromises have materially fueled VECT ransomware operations by supplying a vast archive of stolen CI/CD credentials, resh...
The Gentlemen ransomware underscores a challenge many CISOs face: stopping attackers after they gain an initial foothold. Researchers say the malware can spr...
The CSE's annual report details three foreign "active cyber operations" targeting threats to Canadian national security.
A ransomware-as-a-service gang, an online foreign extremist group and drug traffickers were separately the targets of offensive operations in 2025, according...
The AI agent didn’t accomplish every step in the late June 2026 attack, but it allowed the threat actor to significantly reduce complexity, speed up the temp...
A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt.
For the latest discoveries in cyber research for the week of 6th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES River Bank ...
A fully autonomous AI agent conducted an end-to-end cyber intrusion and extortion campaign after exploiting a vulnerable Langflow server, demonstrating how l...
Researchers have revealed JadePuffer, the first agentic AI-powered ransomware campaign, highlighting how autonomous agents can automate cyber-attacks
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LL...
A previously undocumented malware framework, tracked as Avalon, that uses a spoofed legal-document lure and a multi-stage, fileless-oriented chain to deliver...