%term

October 2025 Ransomware Update

Oct 30, 2025 By WatchGuard Technologies In WatchGuard

his week on the podcast, we have our resident ransomware expert, Ryan Estes, on to give an update on the latest in the ransomware ecosystem. We cover a few recent changes to operators, extortion techniques, and business impact from ransomware attacks in recent months.

View Video

WatchGuard

Read more about October 2025 Ransomware Update

How Cybercriminals Bypass Your Defenses (And How to Stop Them)

Oct 30, 2025 By SecuritySenses In SecuritySenses

Malware can seriously disrupt a computer's functionality. Performance issues are only the beginning, with the worst cases involving credential theft, data theft, or monetary theft. Malware is annoying, but it can also be dangerous. Simply put, you don't want malware to make its way onto your devices. That's what antivirus software is for.

Read Post

SecuritySenses

Read more about How Cybercriminals Bypass Your Defenses (And How to Stop Them)

Ransomware's Worst Halloween Nightmare: The BDRShield Backup

Oct 29, 2025 By Evangelin Sebattini In BDRSuite

It’s a dark and stormy night in cyberspace. Ransomware monsters lurk in the shadows, ready to encrypt and extort unsuspecting businesses.

Read Post

BDRSuite

Read more about Ransomware's Worst Halloween Nightmare: The BDRShield Backup

From Brazil with Love: New Tactics from Lampion

Oct 28, 2025 By João Godinho In BitSight

This post will describe a long-running spam campaign from a Brazilian group known for using the Lampion stealer. We’ll detail the latest updates on the infection chain and its components, share previously undescribed indicators, and cover key takeaways, including.

Read Post

BitSight

Read more about From Brazil with Love: New Tactics from Lampion

CTI roundup: Famous Chollima, COLDRIVER, Vidar Stealer 2.0

Oct 28, 2025 By Tanium In Tanium

Famous Chollima combines BeaverTail and OtterCookie, COLDRIVER deploys three new malware families, and Vidar Stealer 2.0 demonstrates upgraded capabilities.

Read Post

Tanium

Read more about CTI roundup: Famous Chollima, COLDRIVER, Vidar Stealer 2.0

Widespread Installation of Calendaromatic Adware Includes Homoglyph Channel

Oct 27, 2025 By Kroll In Kroll

Kroll has recently seen a widespread installation of an application called Calendaromatic, that Kroll Threat Intelligence (TI) is currently classifying as a potentially unwanted program (adware) but displays some functionality that gives it the potential to conduct more malicious behaviors.

Read Post

Kroll

Read more about Widespread Installation of Calendaromatic Adware Includes Homoglyph Channel

Agentic AI Ransomware: What You Need to Know

Oct 24, 2025 By KnowBe4 | Human Risk Management In KnowBe4

Brace yourself for agentic AI ransomware. It's a terrifying fusion of cutting-edge tech and malicious intent that's set to redefine cyber threats as we know them. Unlike traditional ransomware, which follows pre-programmed rules, agentic AI ransomware can adapt its behavior in real-time based on its environment and the defenses it encounters.

View Video

KnowBe4

Read more about Agentic AI Ransomware: What You Need to Know

AI Sidebar Spoofing Attack: SquareX Uncovers Malicious Extensions that Impersonate AI Browser Sidebars

Oct 23, 2025 By SquareX

SquareX released critical research exposing a new class of attack targeting AI browsers. The AI Sidebar Spoofing attack leverages malicious browser extensions to impersonate trusted AI sidebar interfaces, which is used to trick users into executing dangerous commands that can lead to credential theft, device hijacking, and password exfiltration.

Read Post

Read more about AI Sidebar Spoofing Attack: SquareX Uncovers Malicious Extensions that Impersonate AI Browser Sidebars

Dual-Platform Backdoor from a South Asian Threat Group: StealthServer

Oct 23, 2025 By Foresiet In Foresiet

In my ongoing monitoring of cyber threats in South Asia, I’ve encountered a series of advanced persistent threat (APT) activities. This region has long been a hotspot for sophisticated cyberattacks, with various groups ramping up their operations in terms of frequency and technical complexity. Starting from early July, I’ve captured multiple new malware samples targeting both Windows and Linux platforms.

Read Post

Foresiet

Read more about Dual-Platform Backdoor from a South Asian Threat Group: StealthServer

Why Infostealer Malware Demands a New Defense Strategy

Oct 23, 2025 By Peter Brittliff In UpGuard

Modern breaches rarely begin with a brute-force attack on a firewall, they now start with a user login. Valid account credentials are now a top initial access vector, responsible for 30% of all intrusions. In this post, we address a common misconception surrounding the inforstealer malware that may be putting you at risk of a data breach.

Read Post