Cybersecurity
New Gentlemen's RaaS advertised on underground forums
Lisa Kern
Image generated by AI
Threat actor zeta88 is promoting a new ransomware-as-a-service operation called The Gentlemen's RaaS on hacking forums, targeting Windows, Linux, and ESXi systems. The platform offers affiliates 90 percent of ransom payments and features cross-platform encryption tools developed in Go and C. This development highlights the ongoing commercialization of sophisticated ransomware targeting enterprise environments.
Qilin ransomware uses WSL to run Linux encryptors on Windows
The Qilin ransomware group has been observed exploiting the Windows Subsystem for Linux (WSL) to execute Linux-based encryptors directly on Windows systems, bypassing traditional security tools. This technique allows the malware to evade detection by endpoint detection and response (EDR) products focused on Windows behaviors. Cybersecurity firms Trend Micro and Cisco Talos detailed the method in recent research.
Gunra ransomware exploits Windows and Linux with encryption vulnerabilities
The Gunra ransomware group, active since April 2025, targets both Windows and Linux systems worldwide through platform-specific malware variants. While the Windows version employs secure encryption, the Linux variant suffers from critical weaknesses that allow brute-force decryption. Organizations in regions like South Korea have reported infections, highlighting the group's expanding operations.
SquareX exposes spoofing vulnerability in AI browsers
October 29, 2025, 06:51 - Malicious packages overwhelm NPM with over 86,000 downloads
October 29, 2025, 04:54 - Surfshark launches email scam checker to fight phishing
October 27, 2025, 10:24 - Scam targets LastPass users with fake death certificate claims
October 27, 2025, 09:05 - Experts warn of OAuth token theft in Microsoft Copilot Studio
October 25, 2025, 21:42 - Cuba among first signatories of cybercrime convention
October 25, 2025, 07:59 - Amazon Web Services outage disrupts wide swaths of the web
October 25, 2025, 07:53 - Millions of UK people reuse one password across accounts
October 24, 2025, 13:39 - Amazon outage caused by single failure in AWS network
October 24, 2025, 06:06 - Microsoft issues emergency patch for Windows Server
Qilin ransomware deploys Linux binaries against Windows systems
Lisa Kern
Image generated by AI
The Qilin ransomware group, also known as Agenda, has developed a hybrid attack using Linux payloads on Windows hosts to evade detection. By abusing legitimate remote management tools and exploiting vulnerable drivers, attackers disable defenses and target backups. This cross-platform tactic highlights evolving ransomware sophistication.
Report claims fewer firms paying ransomware demands
A new report suggests that ransomware attacks are becoming less successful for cybercriminals, with the number of firms paying ransoms plummeting. This indicates a potential shift in the cybersecurity landscape. The findings highlight that ransomware is not always as effective as it appears.
Malicious npm packages steal developer credentials on multiple platforms
Ten typosquatted npm packages, uploaded on July 4, 2025, have been found downloading an infostealer that targets sensitive data across Windows, Linux, and macOS systems. These packages, mimicking popular libraries, evaded detection through multiple obfuscation layers and amassed nearly 10,000 downloads. Cybersecurity firm Socket reported the threat, noting the packages remain available in the registry.
Qilin ransomware uses WSL to run Linux encryptors on Windows
Cybersecurity researchers have uncovered a tactic by the Qilin ransomware group that exploits Microsoft's Windows Subsystem for Linux (WSL) to execute Linux-based encryption tools on Windows machines. This method allows attackers to bypass many endpoint detection and response (EDR) systems by operating in a Linux sandbox environment that traditional tools often overlook. The technique highlights the growing sophistication of ransomware operations blending operating systems.