Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Malicious Memes: How Cybercriminals Use Humor to Spread Malware

Apr 3, 2025 By Erich Kron In KnowBe4
Internet memes and viral content have become a universal language of online culture. They're easily shareable, often humorous, and can spread rapidly across various platforms. However, this same virality and cultural resonance make memes an attractive vector for cybercriminals and threat actors. Anatomy of a meme Memes are nothing new, and have been around for decades. In fact, a comic published in 1921 followed one of today's most common meme themes: ‘Expectation vs.
Read Post
aikido

Hide and Fail: Obfuscated Malware, Empty Payloads, and npm Shenanigans

Apr 3, 2025 By Willem Delbare In Aikido
‍ On March 14th 2025, we detected a malicious package on npm called node-facebook-messenger-api. At first, it seemed to be pretty run-of-the-mill malware, though we couldn’t tell what the end-goal was. We didn’t think much more of it until April 3rd 2025, when we see the same threat actor expand their attack.
Read Post

Master Advanced Threat Investigation: Forensic Analysis with Cato Sandbox

Apr 1, 2025 By Cato Networks In Cato Networks
In this video, we walk you through how Cato Networks' anti-malware and NextGen anti-malware solutions block both known and unknown threats in real time—*before* they can spread. But stopping malware is only the beginning. Learn how Cato Sandbox takes your cybersecurity strategy to the next level by: We’ll show you how to quickly enable Cato Sandbox, demonstrate real-time malware blocking, and explore a full forensic analysis via the Cato Management Application (CMA). Watch as we break down.
View Video
Trustwave

Babuk2 Bjorka: The Evolution of Ransomware for 'Data Commoditization'

Apr 1, 2025 By John Basmayor In Trustwave
An investigation that started with a tip from one of our threat intel sources about the revival of the Babuk (figure 1) threat group has led Trustwave SpiderLabs to uncover what appears to be a paradigm shift in the ransomware landscape. Figure 1. SpiderLabs telemetry (January 2025 events). Figure 1A. February to March events. Figure 1B. SpiderLabs telemetry (March 2025 events).
Read Post
aikido

Malware hiding in plain sight: Spying on North Korean Hackers

Mar 31, 2025 By Madeline Lawrence In Aikido
On March 13th 2025, our malware analysis engine alerted us to a potential malicious package that was added to NPM. First indications suggested this would be a clear-cut case, however, when we started peeling back the layers things weren’t quite as they seemed. Here is a story about how sophisticated nation state actors can hide malware within packages.
Read Post
aikido

Launching Aikido Malware - Open Source Threat Feed

Mar 31, 2025 By Charlie Eriksen In Aikido
Our Aikido Intel team has been identifying undisclosed open-source vulnerabilities using LLM-driven analysis and human verification. Now, we’re expanding our supply chain security research to detect and track malware in open-source packages, cheaper, better, & faster than what exists today.
Read Post

Ep 4: Naming and Shaming

Mar 31, 2025 By Rubrik In Rubrik
As Chinese hackers continue their raid of American companies, the threat reaches new levels of urgency, not so much for the sophistication of these hackers, but because of the sheer volume of attacks. And yet, victims continue to keep their breaches under wraps, and the government is hamstrung in what they can say because most everything they know about Chinese cyberespionage is classified.
View Video
squarex

SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk

Mar 28, 2025 By SquareX
From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Chainalysis estimates that corporations spend nearly $1 billion dollars on ransom each year, but the greater cost often comes from the reputational damage and operational disruption caused by the attack.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.