The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Critical Condition: The 2026 Healthcare Cyber Threat Landscape

May 4, 2026 2:15:01 PM / by The Hivemind posted in Threat Bulletin, .NET DNS Backdoor, healthcare data breaches, healthcare cybersecurity, ransomware healthcare, medical device cybersecurity, Iran cyber threat healthcare, hospital cyber attacks, healthcare supply chain attacks

0 Comments

Verticals Targeted: Healthcare
Regions Targeted: US, Global
Related Families & Threat Actors: Lynx, ANUBIS, Rhysida, LockBit, ALPHV/BlackCat, Qilin, Medusa, The Gentleman, Payload, NetRunner, Genesis, ShinyHunters, Pay2Key, Handala

Executive Summary

Healthcare remains the most targeted critical infrastructure sector for cyberattacks, driven by ransomware, large-scale data theft, and increasing geopolitical activity. In 2026, threat activity reflects a convergence of ransomware operators, data extortion groups, and Iran-linked cyber operations, significantly increasing risk to healthcare delivery, patient safety, and supply chain stability.

Read More

Lyceum .NET DNS Backdoor “DnsSystem”

Jun 24, 2022 2:22:18 PM / by PolySwarm Tech Team posted in Threat Bulletin, Lyceum, Hexane, Siamese Kitten, DnsSystem, .NET DNS Backdoor

0 Comments



Executive Summary

Zscaler recently reported on a new .NET DNS backdoor “DnsSystem” used by the threat actor group known as Lyceum. It is primarily used to target entities in the Middle East.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More