Ransomware

Phishing attack abuses QR codes to bypass FIDO keys

Laura FrenchJuly 17, 2025

A man-in-the-middle attack relays a cross-device sign-in mechanism via a fake login site.

Today's Top Ransomware Headlines

Ransomware News

Microsoft Teams phishing spreads updated Matanbuchus malware loader

Matanbuchus 3.0 adds greater stealth and execution capabilities, and could lead to ransomware.

Network Security

China-linked Salt Typhoon infiltrated state National Guard network

Security officials touted victory over a second China-linked group on critical infrastructure networks.

(Credit: Araki Illustrations – stock.adobe.com)

67 malicious npm packages, novel loader spread North Korean malware

Packages that load BeaverTail malware were downloaded more than 17,000 times.

The words 'identity theft' in red binary code on computer monitor.

Stolen identities a fear after Episource breach affects 5.4M patients

In letter to customers, Episource said that the sensitive healthcare data potentially stolen.

NordDragonScan infostealer targets Windows with LOTL methods

The campaign distracts victims from its malicious nature using benign decoy documents.

Application security

CatWatchful stalkerware breach reveals 62K users, 26K victims

An SQL injection exploit exposed the users and owner of CatWatchful stalkerware.

Laptop showing the national flag of Russia and a warning sign of malware. Illustration of the concept of cyber threats, DDOS and hacking activities related to Russia

US sanctions ‘bulletproof’ hosting provider Aeza for cybercrime ops

Russia-based bulletproof hosting (BPH) service offers no-questions-asked access to servers.

Incorrect links output by LLMs could lead to phishing, researchers say

AI models may fail to recognize social engineering content in training data and searches.

Qantas Australian airline plane

Qantas confirms cyberattack on third-party call center app

While not confirmed, security pros say the attack resembles recent attacks on airlines and retailers by Scattered Spider.

DragonForce ransomware variant tied to emerging DEVMAN threat actor

The ransomware sample contained “oddities” including encryption of its own ransom note.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.

Ransomware Events