GOLD SALEM’s Warlock operation joins busy ransomware landscape
The emerging group demonstrates competent tradecraft using a familiar ransomware playbook and hints of ingenuity
Similar Posts
7-Zip Vulnerability Lets Hackers Write Files and Run Malicious Code
Bys sDivya reports: A security vulnerability has been discovered in the popular 7-Zip file compression utility that could allow attackers to write arbitrary files to victim systems and potentially execute malicious code. The flaw, tracked as CVE-2025-55188, affects all versions of 7-Zip prior to the recently released version 25.01 and stems from improper handling of symbolic links……
Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team
Bys sOrganizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%. As attacks rise
FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware
Bys sThe financially motivated threat actor known as FIN6 has been observed leveraging fake resumes hosted on Amazon Web Services (AWS) infrastructure to deliver a malware family called More_eggs. “By posing as job seekers and initiating conversations through platforms like LinkedIn and Indeed, the group builds rapport with recruiters before delivering phishing messages that lead to…
California’s New Delete Request Tool Impacts Data Brokers and Residents
Bys sGoing forward, this might help California residents reduce the chances of their personal information being caught up in some breaches. Hunton Andrews Kurth writes: On September 26, 2025, following a public comment period, the California Privacy Protection Agency (“CPPA”) adopted its regulations concerning the Delete Request and Opt-Out Platform (“DROP”). The DROP is a tool developed to……
Ohio law to require local governments to formally approve ransomware payments
Bys sCleveland.com reports: In response to Cleveland and other local governments around Ohio being targeted with cyberattacks and ransomware threats, the state of Ohio will soon require all counties, cities, townships, school districts, libraries, and other local governments to have a cybersecurity policy that adheres to certain standards, as well as only allow locals to approve…
Japanese cancer hospital confirms breach; Qilin gang claims responsibility
Bys sStefanie Schappert reports: The Qilin ransomware group said it is responsible for the February 10th hack of a prestigious cancer treatment center in Japan, exposing the sensitive health information of 300,000 patients and leaving its hospital system “unusable.” The Utsunomiya Central Clinic (UCC) cancer treatment center first alerted the public to the ransomware attack on…