Backdoor.Mistic is a new stealthy backdoor deployed in cybercrime intrusions since April 2026, using DLL sideloading via legitimate MpExtMs.exe and masquerading as EndpointDlp.dll. It executes payloads in memory with a self-deleting kill switch, enabling long-term covert access. Mistic is likely linked to Woodgnat (aka KongTuke), an initial access broker whose ModeloRAT toolkit has been used in attacks delivering Qilin ransomware, connecting this backdoor to the broader ransomware ecosystem.
UNK_DeadDrop is a likely North Korean threat actor conducting broad phishing campaigns targeting software developers with fake job offers and code review requests. The campaign delivers malicious GitHub/GitLab repositories that abuse VS Code and Cursor IDE task automation to silently execute cross-platform malware. Linux and macOS systems receive the Overlord Go RAT with custom credential and wallet theft modules, while Windows runs a fileless Node.js/Python pipeline inside the editor's Electron process. The malware exfiltrates cryptocurrency wallets, browser credentials, and OS keychain data to a hardcoded C&C server at 23.137.105.75:5173.
Operation Endgame, a coordinated law enforcement action by Netherlands, Canada, US, and Germany, disrupted TA569's SocGholish web inject infrastructure by taking down over 100 servers and remediating 14,971 compromised websites. TA569 compromises legitimate websites—often WordPress installations—to inject obfuscated JavaScript that presents fake browser update pages to visitors, ultimately delivering GhoLoader malware which can lead to ransomware deployments. The attack chain leverages traffic direction systems (TA2726's Keitaro TDS and ParrotTDS) for victim filtering and uses advanced client-side blob URL construction to evade sandbox detection and network-based download tracing.
AI is not fundamentally changing adversary capabilities but is compressing attack timelines, lowering operational costs, and scaling existing tactics. Breakout times have dropped to an average of 29 minutes, with AI-enabled operations increasing 89% year-on-year. The most significant emerging threats are runtime-LLM malware (PROMPTSTEAL/LAMEHUG, QUIETVAULT) that query language models during execution, and agentic AI operations (GTG-1002) where AI agents conduct multi-stage intrusions with minimal human steering. Defenders face a dual pressure: faster attacks and an expanding attack surface from AI supply-chain dependencies.
Recorded Future's Insikt Group evaluates Mexico's newly published 2025-2030 National Cybersecurity Plan, assessing it against the country's actual threat landscape from 2020-2026. Ransomware is the dominant threat with 223 documented incidents across 64 groups, while financial malware (Mispadu, Grandoreiro, Casabaneiro, Fenix botnet), state-sponsored espionage (TAG-141/FamousSparrow, TGR-STA-1030), hacktivism (Chronus Team, Guacamaya), and organized crime-linked money laundering via Chinese networks compound the risk. The 2026 FIFA World Cup will be an early operational test of Mexico's cyber resilience.
Check Point Research identified a DeepSeek-attributed malicious Python Flask sample that transforms a theoretical browser ransomware risk into a practical attack using the File System Access API. The sample, disguised as a Discord avatar AI upscaler named InfernoGrabber v9.0, leverages social engineering to trick users into granting folder-level file access via browser permission prompts. Once access is granted, the web page can enumerate, read, exfiltrate, and encrypt files in the selected directory — all without installing a native payload or exploiting a browser vulnerability. The technique is particularly dangerous on Android where Chrome 132+ exposes the File System Access API to web content, allowing access to high-value photo directories including DCIM.
ThreatLabz identified a new attack campaign deploying 'Edgecution,' a malicious Microsoft Edge browser extension used by an initial access broker affiliated with Payouts King ransomware. The malware abuses the Chrome native messaging protocol to bridge a headless browser extension with a Python-based backdoor, enabling arbitrary code execution and filesystem access while evading traditional browser sandboxes.
A widespread malware campaign is leveraging compromised WhatsApp accounts to distribute malicious VBScript files disguised as financial documents. The multi-stage infection chain abuses legitimate Windows utilities to download payloads, attempts to bypass UAC via registry modifications, and ultimately deploys a preconfigured ManageEngine Endpoint Central RMM agent to establish persistent remote access.
This threat intelligence report highlights recent data breaches involving third-party vendors, emerging AI threat vectors such as prompt injection and WebSocket abuse, and active exploitation of critical vulnerabilities in Fortinet, Cisco, and Splunk products. Additionally, seasonal phishing campaigns targeting travelers and Amazon Prime members are surging alongside a cross-platform Rust-based crypto clipboard hijacker.
A sophisticated phishing campaign is leveraging highly personalized FIFA World Cup 2026 lures to deliver the evasive Voidrift malware. The attackers utilize extensive reconnaissance to embed target company logos into the email lures and host payloads on legitimate domains, successfully bypassing multiple prominent Secure Email Gateways.
A sophisticated malvertising campaign abused Google Ads to deliver ClickFix social engineering attacks disguised as popular AI developer tools and Mac utilities. The threat actors initially leveraged GitLab Pages before pivoting to weaponize claude.ai's shared chat feature, tricking macOS users into executing terminal commands that deploy the MacSync infostealer.
A threat actor is distributing Rust-based cryptocurrency clipboard hijackers for Windows and macOS by disguising them as trading bots and game predictors. The campaign leverages extensive social engineering, utilizing 'Ghost Networks' to artificially inflate engagement metrics across GitHub, SourceForge, YouTube, and VirusTotal to establish false credibility. The malware achieves persistence and continuously monitors the victim's clipboard to replace legitimate cryptocurrency addresses with attacker-controlled wallets.
A sophisticated multi-stage phishing campaign is spoofing the IRS and Elon Musk to lure victims into a fraudulent cryptocurrency initiative. The attack chain begins with an email offering a fake $5,000 tax refund, which redirects to a credential harvesting site that steals extensive PII, including government IDs and bank routing numbers. Victims are then funneled into a fake trading dashboard designed to facilitate direct financial fraud and continuous Bitcoin theft.
Morphisec researchers identified a significantly evolved version of the BabaDeda loader targeting the education and financial sectors. The campaign leverages ClickFix social engineering to trick users into executing PowerShell commands, leading to a complex, multi-stage infection chain involving DLL sideloading, in-memory execution, and external payload storage to deliver DanaBot and SectopRAT.
This threat intelligence report highlights multiple critical vulnerabilities and active exploits, including a zero-day in Oracle PeopleSoft (CVE-2026-35273) exploited by ShinyHunters and an IKEv1 authentication bypass in Check Point VPNs (CVE-2026-50751) linked to Qilin ransomware. Additionally, the report details emerging AI-driven threats, a supply-chain compromise in the Arch User Repository deploying eBPF rootkits, and widespread patching efforts by Microsoft and Veeam.
Perimeter Auth Collapse and AI-Driven Deception Shift the Battlefield
The security perimeter cracked open this week as critical authentication bypasses in Check Point VPNs, Ivanti Sentry, and Palo Alto GlobalProtect gave attackers a free pass into corporate networks, with Qilin ransomware already exploiting one to launch real attacks.
At the same time, AI became the year's most versatile weapon: criminals used ChatGPT and Claude brands as phishing lures, researchers proved AI email assistants will hand over corporate secrets to impersonators, and the Shai-Hulud campaign began injecting fake prompts to blind AI-powered security scanners.
Patch edge VPN appliances immediately, treat AI agents as high-risk insiders, and hunt for device-code authentication events that bypass normal credential checks.
The cyber risk landscape for 2026 is heavily influenced by regional conflicts, with PRC actors pre-positioning in critical infrastructure edge devices for strategic leverage. Russian actors are escalating hybrid warfare and OT/ICS disruption across Europe, while Iranian groups have decentralized to conduct wiper attacks and target cloud infrastructure. Concurrently, eCrime actors are exploiting these geopolitical tensions to deploy ransomware and infostealers, increasingly targeting hypervisors and industrial operations.
Varonis Threat Labs demonstrated that enterprise AI agents, specifically an OpenClaw deployment, are vulnerable to traditional phishing and social engineering techniques. In simulated attacks, the agent successfully identified technical phishing indicators like malicious OAuth flows but failed to recognize social context, resulting in the exfiltration of AWS credentials and sensitive CRM data to an external attacker.
Threat actors are leveraging short-form video platforms like TikTok and Instagram Reels to conduct social engineering campaigns. By posting fake tutorials for premium software and manipulating engagement algorithms, attackers trick users into executing malicious PowerShell commands that deploy Vidarstealer or direct them to fraudulent survey websites.
Threat actors are proactively targeting the 2026 FIFA World Cup ecosystem, employing mobile-first malware, QR-code phishing against event organizers, and real-time AiTM phishing kits to bypass MFA. The campaigns leverage AI-generated infrastructure and urgency-based lures to distribute Android cryptominers, Windows infostealers, and compromise corporate Google Workspace accounts.
Threat actors are increasingly leveraging the hype around AI platforms like ChatGPT, Claude, and DeepSeek to conduct social engineering attacks. These campaigns utilize phishing, malvertising, and SEO poisoning to distribute infostealers such as Vidar or facilitate credential theft via adversary-in-the-middle (AiTM) infrastructure.
A recent phishing campaign impersonates Amazon security alerts to deliver a custom remote access trojan (RAT) dubbed HarborWatch Agent. The attack leverages the ClickFix technique, using a fake CAPTCHA page to socially engineer victims into manually executing a malicious PowerShell command via the Windows Run dialog. Once executed, the script downloads the RAT, which collects system information and communicates with a C2 infrastructure managed via a panel called Harbor Sentinel.
The financially motivated threat cluster UNC3753 is conducting a fast-paced data theft and extortion campaign against US legal and professional services. The group leverages vishing and IT helpdesk impersonation to trick targets into installing legitimate RMM and screen-sharing tools, enabling rapid data exfiltration from corporate repositories and VDI environments. Notably, the campaign also involves suspected physical intrusions where actors use USB media to steal data directly from endpoints.
The 2026 FIFA World Cup faces a multifaceted threat landscape encompassing cybercriminal fraud, state-sponsored espionage, and physical security risks. Financially motivated actors are actively deploying purchase scams and fake domains to harvest payment card data, while state-aligned groups from Iran, Russia, and China are expected to target telecommunications, logistics, and VIP attendees for intelligence collection and potential disruption.
Threat actors are weaponizing legitimate online services, such as Zoom, by embedding malicious links and phone numbers into arbitrary text fields like usernames and meeting descriptions. By triggering automated emails from these services and forwarding them to victims, attackers successfully bypass traditional email security protocols (SPF, DKIM, DMARC) and Secure Email Gateways.
This threat intelligence bulletin highlights a surge in data breaches driven by social engineering, alongside the increasing weaponization of AI tools for phishing, malware development, and supply chain attacks. Active exploitation of vulnerabilities in PAN-OS GlobalProtect and Ghost CMS has been observed, while a critical unpatched RCE in Gogs remains a significant risk. Additionally, targeted campaigns like Grandoreiro and JINX-0164 continue to threaten the financial and cryptocurrency sectors using platform-specific malware and DLL side-loading.
Gamaredon (FSB) is conducting an ongoing cyberespionage campaign against Ukrainian targets using a modular, fileless infection chain. The attack leverages HTML smuggling and archive path traversal (CVE-2025-8088) for initial access, followed by the deployment of GammaWorm, which utilizes NTFS Alternate Data Streams (ADS) and Dead Drop Resolvers (DDRs) on legitimate platforms for persistence, propagation, and C2 communication.
ESET's Q4 2025–Q1 2026 APT Activity Report highlights global espionage and destructive campaigns by state-aligned actors. Notable incidents include a major supply chain compromise of the 'axios' npm library by Lazarus, destructive wiper attacks on Polish critical infrastructure by Sandworm, and the deployment of new edge-device implants like PhiliKit against Ivanti VPNs by China-aligned groups.
The 2026 FIFA World Cup presents a massive, multi-jurisdictional attack surface threatened by state-nexus disruptive operations and financially motivated cybercrime. Key risks include Iran-aligned actors targeting municipal OT infrastructure, pro-Russian hacktivists launching high-volume DDoS attacks against tournament services, and cybercriminals deploying ransomware against the hospitality supply chain.
Threat actors behind the ClearFake campaign are leveraging EtherHiding to host malicious JavaScript payloads within BNB Smart Chain testnet smart contracts, bypassing traditional URL-based blocking. The attack chain begins with a compromised watering hole site and uses a ClickFix social engineering overlay to trick Windows and macOS users into executing malicious commands. This leads to the deployment of SectopRAT and ACRStealer via WebDAV DLL loading and DLL sideloading, enabling extensive credential and browser session theft.
Russian threat actor UTA0355 is conducting targeted phishing campaigns against foreign policy and government professionals by spoofing European security conferences. The attackers use rapport-building techniques and out-of-band messaging to trick victims into authorizing malicious Microsoft 365 OAuth applications and Device Code workflows, granting unauthorized access to their accounts.
Threat actors are executing account takeover campaigns by distributing malware disguised as video games via compromised Discord accounts. Upon gaining initial access to a victim's Google account, attackers abuse the Family Link parental control feature by changing the victim's age to under 13 and assigning a malicious parent account. This allows the attackers to reset the password, bypass 2-Step Verification, lock the legitimate user out completely, and demand a ransom for account recovery.
Software Supply Chain and AI Exploitation Dominate Threat Landscape
The software supply chain has become the primary battlefield for attackers because compromising a single developer tool can cascade into thousands of enterprise networks. Campaigns like Mini Shai-Hulud and TrapDoor are stealing credentials and injecting backdoors across major code registries, while the Laravel Lang Compromise and the Coruna Exploit Kit show how malicious code can automatically execute to steal secrets or exploit end users. As a result, organizations must treat developer environments as high-value targets, because a single compromised package or malicious VS Code extension can lead to catastrophic breaches like the GitHub internal repository theft by TeamPCP.
In parallel, artificial intelligence is simultaneously accelerating attacks and creating dangerous new attack surfaces. Threat actors are using AI to automate influence campaigns like Patriot Bait and crack passwords, while also impersonating AI tools like Gemini CLI and Claude Code to deliver infostealers. Furthermore, attackers are directly targeting exposed AI infrastructure, such as Ollama AI endpoints, and manipulating AI coding assistants via hidden prompt injections in campaigns like TrapDoor, which means AI systems are both the weapon and the target.
These trends together suggest that traditional perimeter defenses are failing against supply chain and AI-driven threats. Managers should immediately enforce strict vetting of open-source packages, restrict developer access to unverified extensions, and ensure AI infrastructure is not exposed to the public internet.
Modern social engineering attacks have evolved to closely mimic legitimate business workflows, utilizing techniques like ClickFix, OAuth device code abuse, and in-browser blob phishing. These tactics bypass traditional security controls and create "gray-zone" alerts that require deep behavioral analysis to determine the true scope of compromise, such as credential theft, token abuse, or RMM deployment.
Unit 42 identified an active cyberespionage campaign by the Iran-nexus APT group Screening Serpens, targeting entities in the U.S., Israel, and the Middle East. The threat actor deployed two new RAT families, MiniUpdate and MiniJunk V2, utilizing advanced AppDomainManager hijacking and DLL sideloading to evade native .NET security mechanisms like ETW. The attacks rely on highly tailored social engineering lures, such as fake job portals and video conferencing updates, to initiate the infection chain and establish persistent command and control.
Trend Micro MDR analyzed Banana RAT, a sophisticated banking trojan operated by SHADOW-WATER-063 targeting Brazilian financial institutions. The malware utilizes a server-side polymorphic build pipeline to deliver unique, AES-encrypted PowerShell payloads that execute filelessly in memory. Once active, it enables operator-driven fraud through remote input control, keylogging, deceptive banking overlays, and a specialized Pix QR code interception subsystem.
A recent phishing campaign impersonates Zoom meeting invitations to trick users into downloading a malicious VBS script disguised as a software update. This script silently installs ConnectWise ScreenConnect, a legitimate RMM tool, granting attackers persistent remote access to the compromised system for potential follow-on attacks such as credential theft, lateral movement, or ransomware deployment.
Autonomous AI agents introduce significant security risks by operating within trust boundaries using delegated credentials, effectively bypassing traditional perimeter defenses. Effective security requires "agentic governance," focusing on strict identity management, granular action-level permissions, approval gates for high-risk operations, and comprehensive logging to mitigate threats like prompt injection and scope creep.
Developer Supply Chains Under Siege as Edge Device Exploits Surge
The dominant narrative this week is the coordinated weaponization of the software supply chain, as threat actors like TeamPCP and Mini Shai-Hulud aggressively target developer tools to steal cloud credentials. Because these attackers compromise trusted build systems like GitHub Actions, a single malicious package—such as the compromised TanStack libraries—can cascade into massive downstream breaches, allowing criminals to hold development environments hostage and even deploy destructive dead-man switches if their access is cut off.
In parallel, attackers are bypassing traditional network defenses by exploiting internet-facing edge devices and logging in with stolen credentials. Threat clusters are actively exploiting critical flaws in Cisco Catalyst SD-WAN and Microsoft Exchange, while ransomware groups like The Gentlemen and state-sponsored actors like Secret Blizzard use these footholds to live off the land, hijacking legitimate IT tools to stay hidden for months.
These trends together suggest that perimeter-focused defenses and basic patching are no longer sufficient. Organizations must immediately isolate their CI/CD pipelines from cloud credentials, enforce phishing-resistant multi-factor authentication on all internet-facing systems, and assume that trusted vendor tools may already be compromised.
UNC6671, operating under the BlackFile brand, conducts sophisticated vishing and Adversary-in-the-Middle (AiTM) attacks to bypass MFA and compromise SSO platforms like Microsoft 365 and Okta. Once inside, the group uses automated Python and PowerShell scripts to rapidly exfiltrate sensitive data via APIs, often masking their activity as routine file access events, before launching aggressive extortion campaigns.
The CrowdStrike 2026 Financial Services Threat Landscape Report highlights a 43% global increase in hands-on-keyboard intrusions against the financial sector. The threat landscape is dominated by eCrime ransomware operations, DPRK-nexus cryptocurrency theft via supply chain compromises, and China-nexus intelligence collection leveraging Operational Relay Box (ORB) networks and DLL search-order hijacking.
Infoblox Threat Intel uncovered a thriving underground economy on Telegram dedicated to unlocking stolen iPhones. Threat actors utilize specialized Windows binaries to extract device information and deploy targeted smishing campaigns via Apple lookalike domains to steal iCloud credentials, allowing them to bypass Activation Lock, wipe the device, and resell the hardware.
Active Directory Certificate Services (AD CS) is increasingly targeted by threat actors to achieve privilege escalation and persistence through misconfigured certificate templates and shadow credential abuse. By leveraging tools like Certipy and Whisker, attackers can bypass traditional credential defenses, necessitating behavioral detection strategies focused on LDAP enumeration, anomalous certificate issuance, and directory modifications.
In May 2026, threat actor SHADOW-AETHER-015 compromised Instructure's Canvas LMS backend, exposing sensitive data from 8,809 global educational institutions. The breach, likely facilitated via API exploitation or third-party integration compromise, exposed PII and private communications, creating significant risk for highly targeted follow-on spear-phishing and credential abuse campaigns.
This article provides a comprehensive overview of 14 common payment fraud tactics, including phishing, account takeover, and wire transfer fraud, highlighting the projected $362 billion in global losses by 2028. It emphasizes the need for organizations, particularly in e-commerce and finance, to implement layered defenses such as PCI compliance, 3D Secure authentication, and machine learning-based anomaly detection to mitigate financial and reputational damage.
The threat group ShinyHunters compromised Instructure's Canvas learning management system, likely via voice phishing (vishing) targeting their interconnected Salesforce environment. The breach resulted in the theft of 3.65 TB of sensitive data affecting 275 million users, which the actors are now leveraging in an active extortion campaign and which poses a severe downstream phishing risk.
A supply chain attack utilizing five malicious NuGet packages typosquatting Chinese .NET libraries has been discovered distributing a cross-platform infostealer. The malware leverages .NET Reactor and JIT hooking via module initializers to execute automatically upon assembly load, targeting credentials and cryptocurrency wallets across developer workstations and CI/CD pipelines.
Elastic Security Labs identified TCLBANKER, a new Brazilian banking trojan distributed via DLL sideloading that features robust anti-analysis mechanisms and environment-gated payload decryption. The malware deploys a full-featured banking trojan with a WPF-based social engineering overlay framework, alongside worm modules that self-propagate by hijacking WhatsApp Web sessions and Microsoft Outlook accounts.
Threat actors are exploiting the OpenClaw AI agent framework by publishing a deceptive 'DeepSeek-Claw' skill that distributes malware. The campaign utilizes malicious installation instructions to deploy Remcos RAT on Windows via DLL sideloading and GhostLoader on macOS/Linux via obfuscated Node.js scripts, enabling persistent access and data exfiltration.
A large-scale Adversary-in-the-Middle (AiTM) phishing campaign targeted over 35,000 users using sophisticated 'code of conduct' lures. The attack chain leveraged legitimate email services, PDF attachments, and multiple CAPTCHA gates to evade detection, ultimately proxying Microsoft 365 authentication sessions to steal tokens and bypass standard MFA.