Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Bumblebee is a downloader malware which has become known for its sophistication and effectiveness. The malware was first discovered in 2022 and was believed to be a tool for ransomware groups due to the developer’s close ties with Conti. Since then, it has been used in various attacks and has been delivered through multiple methods, including phishing emails, malicious documents, and SEO poisoning.

Scattered Spider, aka UNC3944, is switching the focus of its retail-oriented attacks from the UK market to the US, according to published reports. At this time, no US retailers have been named as targets, but the alleged Scattered Spider activity is a clear sign retailers in the US and worldwide need to prepare.

A newly identified strain of commodity ransomware named Mamona has emerged in the cybercriminal underground. This threat diverges from typical ransomware-as-a-service (RaaS) models by functioning entirely offline, relying on custom-built cryptographic routines and deploying no external command-and-control (C2) infrastructure.

Malware—short for malicious software and malicious programs—is one of the most dangerous cybersecurity threats today. From computer viruses and spyware to ransomware and trojans, these harmful programs are designed to: Cybercriminals are constantly developing new and more advanced forms of malware. Every single day, over half a million new malware samples are discovered globally, showing just how fast these threats are evolving. For businesses, the consequences can be severe.

The LockBit ransomware group's dark web infrastructure has suffered a major blow following a significant breach on May 7, 2025. This cyberattack targeted LockBit's onion-based infrastructure—including their affiliate and admin panels—and resulted in the complete defacement of the sites. The attackers left behind a taunting message: "Don't do crime, CRIME IS BAD xoxo from Prague," along with a link to a leaked MySQL database dump.

Luna Moth threatens U.S. legal and financial firms, Venom Spider targets hiring managers and recruiters, and StealC malware receives new upgrades.

In Part 1 of this blog series The Ransomware Threat: Preparing Schools and Libraries for Ransomware Attacks, we discussed creating a pre-incident plan that includes a backup process, asset management, identity and access management, risk-based vulnerability management, and security awareness training to minimize the risk of ransomware attacks.

Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors. Specifically, the group targets “organizations with large help desk and outsourced IT functions which are susceptible to their social engineering tactics.” The threat actors impersonate employees and attempt to trick IT workers into granting them access. The group also poses as IT workers to target employees.