New Lua malware LucidRook targets Taiwanese NGOs
The attacks, discovered in October 2025, utilize RAR or 7-Zip archives with lures to deliver a dropper called LucidPawn.
Hive
Ransomware
Prolific RaaS disrupted by FBI in January 2023. Targeted over 1,500 victims including hospitals and critical infrastructure.
Also known as: hive ransomware, hive malware
AI Intelligence Brief
Related YARA Rules View all on YARA Rules page →
90-Day Activity
Last 90 Days (8)
Last 90 Days
All Time
Obfuscated JavaScript or Nothing, (Thu, Apr 9th)
I spotted an interesting piece of JavaScript code that was delivered via a phishing email in a RAR archive. The file was called “cbmjlzan.
Uffizi Galleries cyberattack: Data stolen, backups restore archive
Hackers targeted the Uffizi Galleries in February 2026, allegedly stealing the museum's entire photographic archive.
Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability
A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an un...
ZDI-26-077: GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this...
ZDI-26-076: GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to exploi...
ZDI-26-075: GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this...
ZDI-26-074: GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to exploi...