GOLD SALEM tradecraft for deploying Warlock ransomware
Analysis of the tradecraft evolution across 6 months and 11 incidents
Similar Posts
Infostealers: The silent doorway to identity attacks — and why proactive defense matters
Bys sCredential theft isn’t just an inconvenience. It’s often the first move in a chain reaction that ends in full-scale compromise. Beyond the dreaded password reset process, information stealers, as shown in several recent cyberattacks, can have far more consequential follow-on effects. For many small and mid-sized organizations, a single stolen identity can lead to…
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Bys sCybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code. “This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent
SecAlerts Cuts Through the Noise with a Smarter, Faster Way to Track Vulnerabilities
Bys sVulnerability management is a core component of every cybersecurity strategy. However, businesses often use thousands of software without realising it (when was the last time you checked?), and keeping track of all the vulnerability alerts, notifications, and updates can be a burden on resources and often leads to missed vulnerabilities. Taking into account that nearly…
B.C. health authority faces class-action lawsuit over 2009 data breach
Bys sBrendan Shykora reports: B.C.’s Interior Health Authority (IH) has been served a class-action lawsuit over a data breach in 2009 that allegedly exposed thousands of employees’ sensitive information, which ended up sold on the dark web. Filed in B.C. Supreme Court Thursday, May 22, the lawsuit claims the breach compromised the personal information of employees who worked for IH between…
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
Bys sCybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers’ control. The names of the extensions, which collectively have over 900,000 users, are below – Chat GPT for Chrome with GPT-5, Claude Sonnet &…
Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms
Bys sApple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France (CERT-FR). The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county that at least one of…