Threat Research Unit is a dedicated Acronis unit composed of experienced cybersecurity experts. Our team includes cross-functional experts in cybersecurity, AI, and threat intelligence. We are empowering IT teams with intelligence-driven cyberthreat research and reporting.
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in January 2026 and reflect threats that Acronis detected, as well as news stories from the public domain.
The Acronis Threat Research Unit (TRU) analyzed the latest version of LockBit ransomware (version 5), which targets Windows, Linux and ESXi systems, and shares some similarities with the previous version 4.
Operation Winter SHIELD is an FBI Cyber Division initiative that has distilled theoretical best practices into ten concrete actions designed to reduce the likelihood of system compromise when attackers strike, and limit damage when incidents occur by focusing on controls that matter most in practice, not on paper.
Russian-linked threat actors actively exploit newly patched Microsoft office zero day in targeted attacks, Fintech giant Betterment reports major data exposure affecting 1.4 million users, and more. Here are the latest threats to MSP security.
Unsecured MongoDB databases remain easy targets for data exfiltration and extortion campaigns, ShinyHunters’ leak claims prompt Match Group to confirm limited data exposure event, and more. Here are the latest threats to MSP security.
AI‑built VoidLink malware emerges with advanced loaders, rootkits and modular attack capabilities, Active attacks leverage telnetd authentication bypass flaw (CVE‑2026‑24061) to obtain instant root access, and more. Here are the latest threats to MSP security.
Grubhub admits breach after hackers access internal systems and exfiltrate sensitive data, France’s Free Mobile hit with €42 million CNIL penalty for security failures in massive 2024 data breach, and more. Here are the latest threats to MSP security.
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in December 2025 and reflect threats that Acronis detected, as well as news stories from the public domain.
ClickFix campaigns use fake BSOD screens to trick users into running malware, Newly disclosed Veeam issues highlight ongoing risks to backup infrastructure, and more. Here are the latest threats to MSP security.
Fake KMSAuto activators spread malware tied to large-scale crypto losses, Zoom-themed browser extensions steal corporate meeting data at scale, and more. Here are the latest threats to MSP security.
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in November 2025 and reflect threats that Acronis detected, as well as news stories from the public domain.
Active exploitation of “MongoBleed” flaw exposes data from over 87,000 servers, Patch released for high-severity RCE issue in n8n workflows, and more. Here are the latest threats to MSP security.