Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe

On 19 August 2025, the Arctic Wolf Cybersecurity Operations Center (cSOC) uncovered and remediated a sophisticated delivery chain: a threat actor leveraged GitHub’s repository structure together with paid placements on Google Ads to funnel users toward a malicious download hosted on a lookalike domain. By embedding a commit‑specific link in the advertisement, the attackers made the download appear to originate from an official source, effectively sidestepping typical user scrutiny.

Adversarial AI and Polymorphic Malware: A New Era of Cyber Threats

The state of cybersecurity has always been in flux, but the arrival of tools like ChatGPT heralded one of the most significant challenges for security teams in years. AI could unlock incredible potential in data processing and malware detection, but in the wrong hands, Large Language Models (LLMs) and other adversarial AI tools can be used to develop polymorphic malware that can escape detection, gain access to sensitive data, and poison data sets.

EMBER2024: Advancing the Training of Cybersecurity ML Models Against Evasive Malware

CrowdStrike data scientists are members of a team of cybersecurity researchers that recently released EMBER2024, an update to EMBER, the popular open source malware benchmark dataset originally released in 2018. The EMBER2024 dataset includes metadata, labels, and calculated features for over 3.2 million files from six different file formats.

10 Budget Moves to Protect Against Ransomware

Protecting your business from ransomware doesn't require an unlimited budget, but it does take careful planning. Cyberattacks grow more advanced each year. Ignoring preparedness could result in massive downtime or data loss. Investing in the right defenses reduces risk without overspending. Knowing where to allocate funds can mean the difference between prevention and recovery costs spiraling out of control. Here are nine actionable investments with real-world impact to safeguard your organization while keeping budgets in check.

Defeating Ransomware with Unified Security

Ransomware is getting smarter, so your security better be, too. The old playbook of scattered tools and siloed defenses no longer cuts it. Every business needs to connect the dots to stay ahead. In this webinar, we’ll show you how bringing together SASE, XDR, NDR, and automation under a unified platform creates a powerful security force that works with your team, not against it.

Intel Chat: Trend Micro Apex One, PyPI domains, RingReaper & Openbaar Ministrie attack [244]

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribing, giving us a rating or leaving a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.

Google Saved the Day: How Search Solved a Ransomware Alert #appsec

Mend.io, formerly known as WhiteSource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Cloud Ransomware Attack: Storm-0501's Azure Tactics and How to Defend

Cloud adoption has transformed how organizations store and secure critical data—but it has also created new opportunities for attackers. A recent campaign by Storm-0501, a financially motivated ransomware group, highlights how devastating a cloud ransomware attack can be when backups and recovery measures fail.