Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog post updated for clarity. In late September 2025, several European airports reported significant delays and flight cancellations due to disruptions with their check-in and passenger systems. As a global leader in aviation technology and the backbone of passenger travel, protection of systems and customer operations is paramount for Collins Aerospace. Nonetheless, the vendor of the vMUSE check-in system had been hit by a ransomware attack.

Astaroth trojan uses GitHub to host malware configurations, TA585 delivers MonsterV2 malware in phishing campaigns, and threat actors exploit Microsoft’s logo in tech support scams.

In its 2025 State of the Underground report, Bitsight TRACE found that ransomware activity continued to escalate in 2024, with a 25% increase in unique victims listed on leak sites and a 53% increase in the number of ransomware group-operated leak sites. The report also observed a 43% increase in data breaches shared on underground forums, with nearly one in five victims based in the United States. These findings highlight a continued upward trend in cyberattack activity.

In 2025, 36 years after the first ransomware attack was recorded, actors continue to zero in on the public sector, and there is no evidence they will slow down any time soon. In fact, our numbers suggest that ransomware attacks against government organizations are ramping up, causing crippling service outages, massive data loss, reputational damage, public distrust, and financial harm.

A new threat campaign, codenamed BrickStorm and attributed to a China nexus group tracked as UNC5221, has security researchers sounding the alarm. This is a highly sophisticated espionage operation, and its most staggering feature is the adversary’s patience. The astonishing average time they remain inside a victim’s network before being detected is well over a year—393 days to be exact.

Arctic Wolf Labs has identified and analyzed a new malware loader we’re calling Caminho, a Brazilian-origin Loader-as-a-Service (LaaS) operation employing Least Significant Bit (LSB) steganography to conceal.NET payloads within image files hosted on legitimate platforms.

Cybercriminals are taking stealth to new levels. According to WatchGuard Technologies’ latest Internet Security Report, evasive malware attacks jumped 40% in Q2 2025, driven by a sharp rise in threats delivered over encrypted connections. While Transport Layer Security (TLS) encryption is essential for protecting users, attackers are increasingly exploiting it to conceal malicious payloads and evade traditional detection methods.

Law firms are getting hit with ransomware at an alarming rate, and most don’t realize how exposed they actually are until it’s too late. The American Bar Association reports that 29% of law firms experienced a successful security breach in 2023. The average ransom demand for professional services firms runs between $200,000 and $500,000.

Oct 16, 2025 How AI is Transforming Application Security Testing Read More Natalie Tischler Oct 14, 2025 Veracode Named a Leader in Gartner Magic Quadrant for AST for 11th Consecutive Time Read More Joe Ariganello Oct 9, 2025 The Business Case for Investing in AppSec Tools Read More Natalie Tischler.