Verticals Targeted: Not specified
Regions Targeted: Not specified
Related Families: AHK Bot, Skitnet/Bossnet | PolySwarm Main Blog

Verticals Targeted: Public Sector, Aviation
Regions Targeted: Middle East
Related Families: None
Executive Summary: Charon is a new ransomware family employing advanced APT-style techniques, targeting Middle Eastern public sector and aviation organizations with tailored ransom demands. Its sophisticated attack chain, including DLL sideloading and process injection, underscores the growing convergence of ransomware and APT tactics.

Verticals Targeted: Government, Healthcare, Manufacturing, Transportation, Law and Consulting, IT, Agriculture
Regions Targeted: Brazil, Japan, Canada, Turkey, South Korea, Taiwan, United States
Related Families: Conti
Executive Summary: Gunra ransomware has debuted a Linux variant that boosts encryption speed and flexibility, signaling a shift toward broader cross-platform attacks following its initial Windows campaigns.

Verticals Targeted: Government
Regions Targeted: US
Related Families: StealC, RedLine, NetSupport RAT, DeerStealer, HijackLoader, SectopRAT
Executive Summary: CastleLoader, a versatile malware loader, has infected 469 devices since May 2025, leveraging Cloudflare-themed ClickFix phishing and fake GitHub repositories to deliver information stealers and RATs. Its sophisticated attack chain, high infection rate, and modular design make it a significant threat to organizations, particularly U.S. g...

Verticals Targeted: Government, Defense, NGOs, Think Tanks, Education, Media, Financial, Healthcare
Regions Targeted: US, Europe, East Asia, Africa
Related Families: Warlock, LockBit
Executive Summary: Microsoft has disclosed active exploitation of critical vulnerabilities in on-premises SharePoint servers by Chinese threat actors, urging immediate patching and additional mitigations to prevent unauthorized access and data theft.

Since April 2025, the BERT ransomware group has targeted organizations in healthcare, technology, and event services across Asia, Europe, and the United States, utilizing PowerShell loaders and multi-threaded encryption.| blog.polyswarm.io