A novel ransomware strain named Ymir has emerged, encrypting systems previously compromised by the RustyStealer malware. RustyStealer, a credential-harvesting tool initially documented in 2021, is now being used to facilitate ransomware deployment, reflecting an increasing trend of collaboration among cybercriminal operations.
A newly identified malware, code-named "FiXS," has begun affecting ATMs across Mexican banks. The malware's name comes from an identifier found within its binary code. FiXS appears to operate similarly to the infamous Ploutus malware, utilizing an external keyboard connection to control the ATM.
A significant ransomware attack has recently exploited vulnerabilities in CyberPanel, affecting over 22,000 instances globally. PSAUX ransomware leveraged a critical security flaw, leaving these web hosting control panels compromised and effectively taken offline. Here’s an overview of the vulnerabilities exploited, the ransomware’s impact, and steps for mitigation.
BlackSuit is ransomware designed to encrypt files on a targeted system. It operates on both Windows and Linux platforms, including VMware ESXi.
Since June 2023, instances of Akira ransomware targeting Linux systems have been identified, with their wider activities traced back to April. The initial infection strategy entails exploiting vulnerabilities in publicly accessible services and applications.