TRU Security

Updates from Acronis Threat Research Unit

Acronis
Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix
Acronis TRU researchers have discovered an ongoing campaign that leverages a novel combination of screen hijacking techniques with ClickFix, displaying a realistic, full-screen Windows Update of “Critical Windows Security Updates” to trick victims into executing malicious commands.
Insights
November 18, 2025 — 3 min read
Acronis
Acronis Cyberthreats Update, November 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...
November 10, 2025 — 22 min read
Acronis TRU Alliance {VirusTotal}: Tracking FileFix, Shadow Vector, and SideWinder
Introducing the Acronis TRU Alliance Series. This new series highlights collaborative research...
November 07, 2025 — 2 min read
MSP cybersecurity news digest, November 3, 2025
Qilin ransomware abuses Windows Subsystem for Linux to deploy Linux encryptors on Windows, Atroposia...
November 04, 2025 — 4 min read
MSP cybersecurity news digest, October 21, 2025
Here is the MSP cybersecurity news digest for October 21, 2025 from the Acronis Threat Research Unit...
October 28, 2025 — 3 min read
MSP cybersecurity news digest, October 28, 2025
Urgent WSUS RCE flaw actively exploited! Plus: Fake LastPass inheritance emails steal vaults, Iran's...
October 17, 2025 — 3 min read
Acronis Cyberthreats Update, October 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...
September 29, 2025 — 5 min read
MSP cybersecurity news digest, September 29, 2025
Here is the Acronis Threat Research Unit (TRU) MSP cybersecurity news digest, September 29, 2025
September 23, 2025 — 6 min read
MSP cybersecurity news digest, September 23, 2025
Here is the weekly digest with news from Acronis TRU for the week of September 23, 2025
September 11, 2025 — 3 min read
Acronis Cyberthreats Update, September 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...

Trends and analysis

November 19, 2025 — 23 min read
Acronis
Cooking up trouble: How TamperedChef uses signed apps to...
Acronis Threat Research Unit (TRU) observed a global malvertising / SEO campaign, tracked as...
November 10, 2025 — 3 min read
Acronis
MSP cybersecurity news digest November 10, 2025
Must-know cybersecurity news for MSPs: GlassWorm, ClickFix, Gootloader and the dangerous new era of...
November 04, 2025 — 13 min read
Acronis
The DragonForce Cartel: Scattered Spider at the gate
Acronis Threat Research Unit (TRU) analyzed DragonForce, a Conti-derived ransomware-as-a-service...
October 13, 2025 — 2 min read
Acronis
MSP cybersecurity news digest, October 13, 2025
Medusa exploits GoAnywhere MFT, Discord data leaks via Zendesk, plus Vampire Bot and Qilin ransomware...
October 06, 2025 — 3 min read
Acronis
MSP cybersecurity news digest, October 6, 2025
Harrods breach tied to supplier compromise leaks 430,000 records, MatrixPDF toolkit weaponizes PDFs...
September 25, 2025 — 7 min read
Acronis
ARINC’s common-use passenger processing system MUSE...
Major European airports including Heathrow, Brussels, Berlin, and Dublin have reported disruptions in...