Eric Swotinsky

A massive malware campaign has been distributing Magniber ransomware, disguised as Microsoft Windows updates.

A Conti ransomware attack affected multiple government services in Costa Rica, from the Finance Ministry to the Labor Ministry. One of the most recent victims is the Electricity Service of Cartago (JASEC).

Malware loaders commonly used by threat actors, such as BazaLoader and IcedID, are seemingly being replaced by a new loader called Bumblebee.

A new ransomware known as Black Basta has emerged, attacking at least 12 companies within its first three weeks of operation — including the American Dental Association and wind farm operator Deutsche Windtechnik.

African banks have found themselves to be an increasing target for remote access tools (RATs) that are deployed through typo-squatted domains and HTML smuggling tactics as a delivery method.

The Hive extortion group is actively targeting unpatched Microsoft Exchange Servers and using them to deploy ransomware.

The Nordex Group, known as one of the world's largest manufacturers of wind turbines, has confirmed a cyberattack. The attack was discovered end of last month, and Nordex disabled remote access from some networks to their turbines as a precaution.

Qantas-owned airline Jetstar appears to have fallen victim to ransomware, the result of an attack by the Quantum extortion group.

This April, Microsoft's Patch Tuesday came with 128 vulnerability patches — the largest number of fixes seen in the monthly event since September of 2020.

New infostealer malware called Meta is gaining in popularity. It attempts to steal browser passwords, credit cards info, and any other stored credentials.

Perusahaan Gas Negara (PGN) has been hit by a Hive ransomware attack, just days after the group also successfully targeted American healthcare provider Partnership HealthPlan of California (PHC). As a healthcare organization, PHC is a more typical target for the Hive group.

A new phishing campaign, which uses fake WhatsApp voice messages to trick victims into installing infostealing malware, has already targeted over 27,000 users.