Threats

Threats

Ukraine and Germany Expose Ransomware Group Members, Russian Organizer Placed on INTERPOL Wanted List

Ukrainian and German law enforcement have identified members of a Russian-affiliated ransomware group responsible for hundreds of millions of euros in damages, with searches conducted in Ukraine and the alleged organizer placed on INTERPOL's international wanted list. The Operation Cyber police officers from Ukraine's National Police,

Threats

Dutch Police Arrest Alleged AVCheck Mastermind Behind Major Counter-Antivirus Platform

Dutch authorities have arrested a 33-year-old man believed to be behind AVCheck, one of the world's largest counter-antivirus services used by cybercriminals to test malware against security products. The suspect was detained at Amsterdam's Schiphol Airport on Sunday evening after being under international surveillance. Data storage

Threats

Microsoft and Global Police Disrupt RedVDS, a Scaled Engine Behind Massive BEC Fraud

A coordinated operation led by Microsoft and international law enforcement has dismantled RedVDS, a major infrastructure provider behind large-scale business email compromise (BEC) fraud worldwide. RedVDS functioned as a low-cost, subscription-based cybercrime service, offering criminals disposable virtual machines that appeared online as legitimate Windows systems. These rented environments allowed attackers

Threats

China-Linked Hackers Deploy Custom Linux Malware Against Telecoms in Espionage Campaign

A newly attributed China-nexus threat actor designated UAT-7290 has been conducting espionage operations against telecommunications providers in South Asia and organizations in Southeastern Europe since at least 2022. According to research published recently by Cisco Talos, the group employs a sophisticated multi-stage attack chain combining open-source tools, custom malware, and

Threats

VMware ESXi Zero-Day Flaws Were Likely Exploited in the Wild More Than a Year Before Disclosure

Security researchers have uncovered evidence suggesting that threat actors speaking Chinese may have been exploiting serious vulnerabilities in VMware ESXi long before these flaws were publicly disclosed by the vendor. According to a new analysis by cybersecurity firm Huntress, a breach observed in December 2025 began with the compromise of

Threats

MuddyWater Escalates Espionage Campaigns With New Rust-Based Malware “RustyWater”

An Iran-linked threat actor known as MuddyWater has been linked to a newly identified spear-phishing campaign targeting diplomatic, maritime, financial, and telecommunications organizations across the Middle East. The operation deploys a Rust-based remote access trojan (RAT) dubbed RustyWater, signaling a continued evolution in the group’s malware development strategy. According

Threats

ForumTroll Hackers Target Russian Academics in New Phishing Attack

Cyber-espionage group shifts tactics, using fake scientific library emails to infect individual researchers A cyber-espionage group known as ForumTroll has launched a new phishing campaign targeting Russian academics, marking the group’s return months after exploiting a Google Chrome zero-day vulnerability earlier in 2025. The attacks, detected in October 2025,