Summarizing the past year’s threat landscape based on activity observed in ANY.RUN’s Interactive Sandbox, this annual report provides insights into the most detected malware types, families, TTPs, and phishing threats of 2025. For additional insights, view ANY.RUN’s quarterly malware trends reports. Key Takeaways: Threat activity surged, with total sandbox sessions up 72% and malicious detections growing proportionally, reflecting increased frequency and depth of analysis among SOCs. Stealers and RATs maintain dominance, tripling in activity compared to 2024. Lumma and XWorm led malware family rankings, highlighting…
Category: Reports
ANYRUN, Cybersecurity, Exploits, Global Security News, Malware Analysis, Reports
Malware Trends Q4 2025: Inside ANY.RUN’s Latest Threat Landscape Report
We’re glad to present our regular quarterly report highlighting the most prominent malicious trends of the last three months of 2025, as observed by ANY.RUN’s community. Following the release of our annual report on key threats and milestones, this report offers a closer look at the threat landscape of the final chapter of 2025. The Malware Trends report Q4 features top malware types, families, phishing kits, TTPs, APTs, and other notable insights. You can turn to the previous Q3 report for reference. Key Takeaways: Threat activity remained steady,…
Exploits, Global Security News, hacking, Mobile, Reports, Security
CERT-FR recommends completely deactivating Wi-Fi whenever it’s not in use
The CERT-FR (French Computer Emergency Response Team) is advising iPhone and Android users to fully disable Wi-Fi to reduce risk. CERT-FR warns iPhone and Android users to fully disable Wi-Fi to reduce exposure, citing multiple vulnerabilities across wireless interfaces, apps, OSs, and even hardware. The agency reiterates basic hygiene: install apps only from official stores, review…
Breaking News, Exploits, Global Security News, intelligence, malware, Reports, Security
CISA: Spyware and RATs used to target WhatsApp and Signal Users
CISA warns that threat actors are actively using commercial spyware and RATs to target users of mobile messaging apps WhatsApp and Signal. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of threat actors using commercial spyware and remote access trojans (RATs) to target users of popular instant messaging applications, including WhatsApp and Signal.…
Breaking News, cyber crime, Exploits, Global Security News, hacking, malware, Reports
Ransomware payments hit record low: only 23% pay in Q3 2025
Only 23% of ransomware victims paid in Q3 2025, the lowest ever, continuing a six-year decline in payment rates, Coveware reports. Cybersecurity firm Coveware reports that only 23% of ransomware victims paid attackers in Q3 2025, the lowest rate ever recorded. The researchers note this continues a six-year decline in payment rates. After 28% of…
Breaking News, Exploits, Global Security News, hacking, information security news, Reports, Security
Unverified COTS hardware enables persistent attacks in small satellites via SpyChain
SpyChain shows how unverified COTS hardware in small satellites can enable persistent, multi-component supply chain attacks using NASA’s NOS3 simulator. The rise of small satellites has transformed scientific, commercial, and defense operations. Using commercial off-the-shelf (COTS) parts makes them cheaper and faster to build but also introduces new, poorly understood security risks unique to space…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, Reports, Security
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups
The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395. The FBI issued a FLASH alert with IOCs for cybercriminal groups UNC6040 and UNC6395, which are increasingly targeting Salesforce platforms for data theft and extortion. “The Federal Bureau of Investigation (FBI) is…
ANYRUN, Cybersecurity, Global Security News, malware, Reports, update
Malware Trends Report, Q2 2025: Know the Key Risks to Your Business
Get Q2 2025 Report: based on real data from 15,000+ global SOC teams. Covers top malware types, families, and APTs; changes in the threat landscape since Q1 2025; and what SOC teams need to focus on.
Asia Pacific, Botnet, Breaking News, DDoS, Global Security News, Reports, Security
DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assault
Cloudflare blocked 7.3M DDoS attacks in Q2 2025, down from 20.5M in Q1, while hyper-volumetric attacks surged with 6,500+ blocked, averaging 71 daily. Cloudflare mitigated 7.3M DDoS attacks in Q2 2025, down from 20.5M in Q1, 13.5M of which stemmed from an 18-day Q1 campaign. Hyper-volumetric attacks surged, with over 6,500 blocked, averaging 71 per…
cryptography, Global Security News, Homomorphic Encryption, Reports, Security Bloggers Network, Uncategorized
NCSC Guidance on “Advanced Cryptography”
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic encryption, attribute-based encryption, zero-knowledge proofs, and secure multiparty computation. It’s full of good advice. I…
