Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

2025 was a defining year for CYJAX. With a bold rebrand, product innovation, and growing industry recognition, we strengthened our mission to empower organisations with analyst-enriched threat intelligence. This blog takes a retrospective look at CYJAX in 2025, a year that shaped our growth and direction.

This blog analyses 2026, examining how pro-Russian hacktivist groups targeted UK government, financial, and transport organisations in response to geopolitical support for Ukraine.

A deep dive into the UK’s most significant cybersecurity breaches, examining how they happened, what went wrong, and the lessons organisations can learn. From household brands to public institutions, these incidents reveal the real cost of poor cyber resilience.

As explored in CYJAX’s recent blog, “PhishinGit – GitHub.io pages abused for malware distribution”, a core feature of GitHub is that it allows users to create and host free static webpages for repositories on github.io. Whilst this service is primarily used to display legitimate projects and host functional webpages, it is known to be used to host malicious files, infrastructure, and content.

Understanding the Deep Web and Dark Web is essential for CISOs navigating today’s threat landscape. This blog breaks down their differences, the risks they pose, and how intelligence-led monitoring helps organisations detect, prevent, and respond to cyber threats before they escalate.

Discover the top cyber risks in the financial sector for 2025, from ransomware to AI-driven fraud, and how CYJAX helps detect scams early.

CYJAX has identified a growing trend of AI-based tools being developed and shared across threat actor forums for fraudulent and cybercriminal purposes, highlighting the need for proactive monitoring and defence against evolving AI-driven threats.

This blog discusses PhishinGit, a phishing campaign uncovered by CYJAX that abuses GitHub.io pages to distribute malware disguised as Adobe downloads. It explains how threat actors used Browser-in-the-Browser (BitB) techniques, Dropbox-hosted payloads, and anti-analysis JavaScript to evade detection. The blog also explores the attack chain, observed mitigations, MITRE ATT&CK mapping, and indicators of compromise (IOCs) to help organisations identify and defend against similar threats.

This blog explores a CYJAX investigation into a search engine poisoning campaign impersonating 14 global airlines, including KLM, Delta, and Lufthansa. Over 150 fake support pages were found hosting fraudulent contact numbers, tricking users into calling threat actors. The post examines how these scams exploit SEO, manipulate AI-enhanced search results, and what users can do to stay protected.

CYJAX has expanded its ransomware group coverage, giving clients broader visibility and faster intelligence on emerging threats. This blog highlights the surge in global ransomware attacks and explains how this product update enhances organisational resilience in an evolving threat landscape.