Threat intelligence stories

AI-fuelled ransomware hit record levels in 2025, with BlackFog warning that around 86% of attacks worldwide are never publicly disclosed.

OPSWAT appoints malware expert Jan Miller as CTO and puts him in charge of a new Technology Centre focused on AI-driven threat prevention.

LummaStealer roars back after domain takedown, using fake CAPTCHA ClickFix tricks and CastleLoader to spread via routine user actions.

Okta warns North Korean operatives are landing remote tech jobs with stolen and synthetic identities to fund the regime and enable cyber attacks.

McAfee warns Australians AI-powered romance scams are surging ahead of Valentine’s Day, with one in seven victims losing an average AUD $780.

BADIIS malware is hijacking over 1,800 IIS servers worldwide, quietly boosting illicit gambling and crypto phishing sites via poisoned SEO.

Cloaking dominates PropellerAds’ 2025 safety report as stricter checks drive a 35% rise in blocked campaigns and more account suspensions.

Simbian claims 15-fold customer surge as its AI-driven SOC agents vie to replace rules-based automation in the cyber defence arms race.

NordVPN will use CrowdStrike threat intelligence to power its Threat Protection Pro tool, bringing enterprise-grade data to consumer security.

CISOs show strong faith in cyber defences yet less than two-thirds feel ready for fast-rising AI-driven attacks and deepfake threats.

A newly uncovered SSHStalker botnet uses old-school IRC and legacy Linux exploits to hijack outdated corporate and cloud hosts at scale.

Google flags surging attempts to steal AI models as state-backed hackers weaponise Gemini for phishing, intel gathering and malware support.

FPT wins HITRUST r2 and AI Security certification for its Hanoi data centre, targeting stricter safeguards for healthcare and regulated sectors.

Cyber group FIRST warns CVE disclosures could smash records in 2026, topping 50,000 and potentially surging towards six figures.

China-linked Warlock ransomware group exploits SmarterMail flaw for admin takeovers, chaining features to gain full Windows control.

CodeHunter extends its behavioural malware analysis into CI/CD pipelines, targeting risky software artefacts before they reach production.

Bitsight launches an AI-driven dark web monitoring tool to give organisations earlier warning of cyber threats targeting key suppliers.

Study finds over 28,000 fake domains mimicking top global sites, exposing users to rising phishing, malware and industrial-scale squatting.

Google Cloud and Entrust strike AI-based identity fraud pact as UK firms face rising injection attacks and losses of about GBP £1.8 billion.

NetAssist deploys Graylog Security, slashing threat detection from four hours to under 45 minutes while cutting SIEM and infra costs.