Expert analysis from Ricnology
Shai-Hulud v2 campaign expands from NPM to Maven repositories, deploying malicious packages that harvest thousands of API keys, credentials, and secrets from compromised development environments
Qilin ransomware operators compromise South Korean managed service provider to deploy ransomware across multiple financial sector clients, exploiting supply chain trust relationships for mass encryption
Aisuru cybercriminals transform IoT botnet from denial-of-service platform into residential proxy rental infrastructure, commercializing compromised devices for IP anonymization and attribution evasion
RomCom threat actors deploy Mythic command-and-control agent through SocGholish fake browser update infrastructure, establishing persistent access for espionage and data exfiltration operations
Aisuru operators transition from DDoS-for-hire to residential proxy rental business, monetizing compromised IoT devices by selling IP rotation and geographic distribution services to cybercriminals
Severe 7-Zip vulnerability enables attackers to execute arbitrary code through symbolic link manipulation in malicious archives, requiring immediate patching across systems using affected compression software versions
Aisuru cybercriminals abandon denial-of-service operations to commercialize IoT botnet infrastructure as residential proxy network, selling IP anonymization and geographic distribution to attackers
Canadian regulators impose $176 million penalty on Cryptomus cryptocurrency platform for systematic anti-money laundering violations and processing ransomware payments without customer due diligence
Former DDoS botnet Aisuru transitions to residential proxy commercialization, renting compromised IoT devices to cybercriminals for IP rotation, geographic distribution, and attribution evasion services
NHS cybersecurity team warns organizations of active 7-Zip vulnerability exploitation enabling attackers to execute code and write arbitrary files through malicious archive symbolic link manipulation
NHS cybersecurity division warns of active exploitation of 7-Zip symbolic link vulnerability enabling attackers to write malicious files to arbitrary system locations through crafted archive manipulation
Canadian regulators impose $176 million penalty on Cryptomus cryptocurrency platform for processing ransomware payments and systematic violations of money laundering prevention and customer verification laws