Interlock Ransomware Attack

Blog

Byadmblake March 19, 2026

An active Interlock ransomware campaign is exploiting a critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC), enabling unauthenticated remote code execution as root. The campaign combines edge-device exploitation, custom malware tooling, and double extortion tactics, indicating a mature and targeted ransomware operation.

Blog

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. “The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating private keys and mnemonic seeds to a Telegram bot controlled by the threat actor,” Socket researcher

Read More Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys
Blog

Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG). “Google Threat Intelligence Group is now aware of multiple intrusions in the U.S. which bear all the hallmarks of Scattered Spider activity,” John…

Read More Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms
Blog

Chinese Actor Hit Taiwanese Drone Makers, Supply Chains

Tidrone concentrated on military entities and the satellite sector, using their associated service providers and ERP software to infect not just drones but all the entities that are part of their supply chains.

Read More Chinese Actor Hit Taiwanese Drone Makers, Supply Chains
Blog

While ECH Adoption Is Low, Risks Remain for Enterprises, End Users

Is the new privacy protocol helping malicious actors more than Internet users?

Read More While ECH Adoption Is Low, Risks Remain for Enterprises, End Users
Blog

Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act

Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by…

Read More Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
Blog

Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity

Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance and Authenticity (C2PA) standard out of the box to verify the origin and history of digital content. To that end, support for C2PA’s Content Credentials has been added to Pixel Camera and Google Photos apps for Android. The…

Read More Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity

Related