Acronis Threat Research Unit

Here is the weekly digest with news from Acronis TRU for the week of September 23, 2025

Acronis' Threat Research Unit discovered a rare in-the-wild example of a FileFix attack — a new variant of the now infamous ClickFix attack vector.

The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in August 2025 and reflect threats that Acronis detected, as well as news stories from the public domain.

Over the past months, Acronis TRU (Threat Research Unit) has identified multiple active and ongoing campaigns leveraging trojanized versions of ConnectWise ScreenConnect to gain initial access to victim networks and compromise target machines.

Stay informed on the latest cyber threats: The Orange Belgium data breach affects 850,000 customers. The Warlock ransomware gang targets UK telecom Colt Technology Services, auctioning stolen documents. A Miljödata attack disrupts services for hundreds of Swedish municipalities. Learn about the ZipLine campaign targeting US supply chain manufacturers with MixShell Malware, and the ShadowSilk data exfiltration group.

Microsoft patches 107 vulnerabilities, including Windows Kerberos zero day, PEAR ransomware gang leaks 1.26TB of Alt Vision data, and more. Here are the latest threats to MSP security.

Clinical data stolen in cyberattack on dialysis provider DaVita, Chanel, Pandora, Google and Cisco suffer data breaches, and more. Here are the latest threats to MSP security.

Scattered Spider group disrupted, but imitators carry on, Fake OAuth apps and Tycoon phishing kit used to hijack Microsoft 365 accounts, and more. Here are the latest threats to MSP security.

The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in July 2025 and reflect threats that Acronis detected, as well as news stories from the public domain.

Benign-appearing panda images used by new Koske Linux malware to deliver malicious code, Turkish defense firms targeted through Patchwork spear-phishing campaign, and more. Here are the latest threats to MSP security.

Acronis Threat Research Unit (TRU) analyzed recent samples of Akira and Lynx ransomware families to see the latest changes and tweaks implemented by the groups.

SafePay inflicts major ransomware attack on Ingram Micro, Oyster malware loader spread through SEO poisoning campaign to target 8,500+ SMB users, and more. Here are the latest threats to MSP security.