Verticals Targeted: Not specified
Regions Targeted: Sri Lanka
Related Families: BeaverTail, OtterCookie, InvisibleFerret
Recent Posts
Verticals Targeted: Financial
Regions Targeted: Asia
Related Families: Fog Ransomware
Executive Summary
AdaptixC2, an open-source command-and-control framework, has emerged as a potent tool for threat actors, enabling file manipulation, data exfiltration, and covert network communication in attacks. Its modular design and AI-assisted deployment methods underscore the need for robust defenses to counter its evolving tactics.
Verticals Targeted: None specified
Regions Targeted: Russia
Related Families: None
Executive Summary
ClayRAT, a sophisticated Android spyware campaign targeting Russian users, leverages Telegram channels and phishing sites to distribute malicious APKs disguised as popular apps. Its rapid evolution, extensive surveillance capabilities, and self-propagation via SMS make it a significant threat to mobile security.
Verticals Targeted: Manufacturing, Government, Healthcare, Technology, Retail, Education, Financial, Construction
Regions Targeted: India, US, Europe, Brazil, Canada
Related Families: None
Executive Summary
The EvilAI malware campaign leverages AI-generated code and deceptive applications with valid digital signatures to infiltrate systems globally, targeting critical industries like manufacturing, government, and healthcare. By mimicking legitimate software and employing sophisticated obfuscation, EvilAI evades detection, exfiltrates sensitive data, and maintains persistent control via encrypted C2 communications, posing a significant threat to organizations worldwide.
Verticals Targeted: Not specified
Regions Targeted: Not specified
Related Families: LockBit
Executive Summary
LockBit 5.0, the latest evolution of the notorious ransomware, targets Windows, Linux, and VMware ESXi systems with advanced obfuscation, DLL reflection, and anti-analysis techniques. Its cross-platform capabilities and enhanced encryption methods make it a formidable threat to enterprise networks.
Verticals Targeted: Real Estate, Insurance, Energy, Manufacturing, Legal Services, Healthcare, Construction, Retail, Agriculture, Finance, Business Services, Transportation, Software, Hospitality, Government, Telecommunications
Regions Targeted: US, Europe, South America, Australia, Canada, India, Africa
Executive Summary
A surge in Akira ransomware attacks since July 2025 exploits SonicWall VPNs via CVE-2024-40766, enabling rapid credential-based intrusions with dwell times as short as 55 minutes. Threat actors leverage stolen credentials, bypass MFA, and deploy tools such as Impacket and WinRAR for lateral movement and data exfiltration, targeting organizations across various sectors.
Verticals Targeted: Legal Services, Software, Business Services, Technology
Regions Targeted: US
Related Families: BRICKSTEAL, SLAYSTYLE
Executive Summary
The BRICKSTORM backdoor, attributed to the suspected China-nexus threat cluster UNC5221, has been actively targeting U.S. organizations in the legal, SaaS, BPO, and technology sectors since March 2025, enabling prolonged espionage with an average dwell time of 393 days. This sophisticated malware leverages zero-day exploits and stealthy techniques to maintain persistent access, evade detection, and steal sensitive data, posing significant risks to critical infrastructure.
Verticals Targeted: Defense Manufacturing, Telecommunications, Aerospace
Regions Targeted: Western Europe, Middle East
Related Families: MiniJunk, MiniBrowse