Threat actors stories - Page 6

GhostFrame phishing kit has fuelled over 1m iframe-powered attacks since September, using hidden pages and anti-inspection tricks to evade defences.

AI agents are tipped to sweep through enterprises, shops and security by 2026, automating work, reshaping retail and redefining digital trust.

AI-powered attackers and defenders will clash in 2026, driving autonomous breaches, VPN failures and stricter rules that reshape cyber security.

Microsoft fixes a Windows zero-day used in attacks and Office flaws that can execute code when emails are merely received or previewed.

SonicWall confirmed state actors accessed backup cloud files via an API, prompting swift investigation and enhanced security for partners and customers.

AI-driven cyber attacks are escalating rapidly, outpacing traditional defences and forcing security teams to adopt advanced AI tools to keep pace.

Curly COMrades exploit Microsoft Hyper-V to run hidden malware inside lightweight VMs, evading detection and maintaining stealthy control over targets.

Ransom payments fell to a historic low of 23% in Q3 2025 as cyber extortion tactics shift towards targeted, costlier attacks on larger firms.

Automation and AI slash ransomware attack times to 18 minutes, challenging defenders to match speed with automated defences, says ReliaQuest report.

Expel has launched Expel Intel, a new team providing actionable cyber threat insights based on real-world incidents to help security teams improve defences.

Oracle has issued an urgent patch for a critical flaw in its E-Business Suite, exploited by the Cl0p ransomware group using advanced social engineering tactics.

Broadcom patches a VMware zero-day flaw exploited for nearly a year, allowing attackers root access to virtual machines in certain configurations.

Vane Viper, a threat actor posing as an adtech firm, generated over 1 trillion DNS queries last year linked to malware and ad fraud, warns Infoblox.

Oyster Backdoor malware, disguised as WinSCP and PuTTY, targets healthcare IT professionals to enable ransomware operations like Rhysida, warns BlueVoyant.

Ransomware attacks surge to 20 daily incidents in 2025H1, with healthcare facing increased cyber threats and hackers targeting overlooked IoT devices worldwide.

Proofpoint exposes phishing attacks using fake Microsoft apps to bypass MFA and hijack Microsoft 365 accounts, affecting thousands globally in 2025.

LevelBlue and Akamai have teamed up to offer a managed web app and API security service, tackling rising threats with AI-driven, 24/7 protection and expert support.

Black Kite has launched its Adversary Susceptibility Index to help firms spot which suppliers are most exposed to specific cyber threat actors, enhancing risk management.

DDoS attacks in APAC have surged 364% year-on-year, driven by AI and hacktivists, with service providers and government bodies as prime targets.

SquareX launches two open-source toolkits to help security teams simulate and defend against browser-based attacks that evade traditional enterprise defences.