Stealthy new backdoor surfaces in attacks on multiple sectors
A relatively new backdoor called Mistic has been deployed in multiple attacks since April 2026 targeting organizations in the insurance, education, IT, and p...
20 articles
A relatively new backdoor called Mistic has been deployed in multiple attacks since April 2026 targeting organizations in the insurance, education, IT, and p...
Analysis of ransomware incidents by researchers at Black Kite found that attacks have risen by over 50% in the last year, with supply chain attacks increasing
Europol, in collaboration with global law enforcement agencies and private sector partners, has successfully disrupted a significant cybercrime-as-a-service ...
Explore an analysis of Mexico’s 2025–2030 National Cybersecurity Plan.
Researchers have identified a new backdoor program that has been used in enterprise intrusions since April and appears to be linked to an initial access brok...
A malicious Microsoft Edge extension dubbed 'Edgecution' has been used in a ransomware attack to escape the browser sandbox and deploy a Python-based backdoo...
Operation Endgame disrupted malware services like StealC and Amadey that enable ransomware, fraud, and attacks on critical infrastructure.
A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in ...
Operation Endgame, the largest international law enforcement operation aimed at disrupting ransomware and cybercrime infrastructure across the world, has cla...
Microsoft, Europol, and international partners have disrupted infrastructure used by the Amadey and StealC malware operations as part of Operation Endgame, w...
The company said in a regulatory filing that it became aware of the incident on Tuesday morning and had taken precautionary measures to contain its impact.
The Python-based remote access trojan ModeloRAT and a newly observed stealth backdoor, dubbed Backdoor.Mistic, to activity consistent with an initial access ...
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware
Mistic is used by Woodgnat, an initial access broker working with Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta. The post New ‘Mistic’ RAT Opens D...
A concerted campaign by an initial access broker with ties to the Payouts King ransomware ecosystem that leverages a novel browser-based delivery technique t...
A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, education, IT, and professional ser...
Bajaj Auto has reported a ransomware attack that affected its internal systems and those of its wholly owned subsidiary, Bajaj Auto Technology Ltd (BATL). Th...
What began as a routine ransomware investigation uncovered two unrelated attackers operating inside the same victim network at the same time, each obscuring ...
Microsoft’s latest incident write-up shows that a single intrusion can mask two parallel threat activity streams, one tied to Storm-2603 and another to an un...
Ransomware case reveals two parallel threat actors, blending tactics and evasion—showing why isolated signals can often miss modern, overlapping cyberattacks...