Must-know cybersecurity news for MSPs: GlassWorm, ClickFix, Gootloader and the dangerous new era of AI-powered malware. Review key threats and a major public-sector breach.

Introducing the Acronis TRU Alliance Series. This new series highlights collaborative research analysis between Acronis Threat Research Unit (TRU) and other leading threat intelligence teams. In this first post of our collaboration series, we’ve teamed up with VirusTotal (VT) to share practical insights from Acronis TRU on several recent reports.

Qilin ransomware abuses Windows Subsystem for Linux to deploy Linux encryptors on Windows, Atroposia malware includes built-in vulnerability scanner for targeted exploitation, and more. Here are the latest threats to MSP security.

Here is the MSP cybersecurity news digest for October 21, 2025 from the Acronis Threat Research Unit (TRU).

Acronis Threat Research Unit (TRU) analyzed DragonForce, a Conti-derived ransomware-as-a-service active since 2023, documenting its malware, affiliate model and links to Scattered Spider.

Urgent WSUS RCE flaw actively exploited! Plus: Fake LastPass inheritance emails steal vaults, Iran's MuddyWater APT targets government entities and a new RedTiger Discord infostealer.

The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in September 2025 and reflect threats that Acronis detected, as well as news stories from the public domain.