Operation Winter SHIELD is an FBI Cyber Division initiative that has distilled theoretical best practices into ten concrete actions designed to reduce the likelihood of system compromise when attackers strike, and limit damage when incidents occur by focusing on controls that matter most in practice, not on paper.

Acronis Threat Research Unit (TRU) has been tracking Transparent Tribe, also known as APT36, and has uncovered a campaign that stands out for its use of startup-oriented, themed lure material delivered via an ISO container-based file.

AI‑built VoidLink malware emerges with advanced loaders, rootkits and modular attack capabilities, Active attacks leverage telnetd authentication bypass flaw (CVE‑2026‑24061) to obtain instant root access, and more. Here are the latest threats to MSP security.

Grubhub admits breach after hackers access internal systems and exfiltrate sensitive data, France’s Free Mobile hit with €42 million CNIL penalty for security failures in massive 2024 data breach, and more. Here are the latest threats to MSP security.

The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in December 2025 and reflect threats that Acronis detected, as well as news stories from the public domain.

Acronis Threat Research Unit (TRU) observed a targeted malware campaign against U.S. government entities leveraging a politically themed ZIP archive containing a loader executable and a malicious DLL. The executable is used to sideload and execute the DLL, which functions as the primary backdoor, tracked as LOTUSLITE.

ClickFix campaigns use fake BSOD screens to trick users into running malware, Newly disclosed Veeam issues highlight ongoing risks to backup infrastructure, and more. Here are the latest threats to MSP security.