Escalating tensions between China and Taiwan due to geopolitical and military events have led to a surge in cyber activity, particularly involving the distribution of malicious emails to drop malware targeting individuals in Taiwan.

"Merdoor" a highly sophisticated malware backdoor, has been utilized by an advanced persistent threat (APT) group Lancefly, targeting organizations in South and Southeast Asia since mid-2022, with campaigns extending into early 2023.

The latest #StopRansomware advisory highlights the activities of the BianLian ransomware gang.

Since April 2023, a new ransomware strain called Akira has been on the rise, with at least 16 publicly disclosed victims.

Dragos, an industrial cybersecurity company, has revealed a "cybersecurity event" where a cybercrime gang attempted to breach its defenses and infiltrate the internal network with the intention of encrypting devices for extortion.

An increase in samples of the DarkWatchman Remote Access Trojan (RAT) has been observed, with the latest campaign involving threat actors mimicking the popular Russian cryptography site CryptoPro CSP.

North Korean threat group, Kimsuky is discovered to be deploying an evolved variant of its 'BabySkark' malware recognized as 'ReconShark.'

A new ransomware strain recognized as "CACTUS" emerged in March 2023, targeting large enterprises. Researchers from Kroll Cyber Threat Intelligence provide an in-depth report of tactics, techniques, and procedures (TTPs) demonstrated by the CACTUS operators in their recent attacks.

Since its emergence in September 2022, the Royal ransomware gang established itself as a clear and proficient threat group. A Unit 42 threat assessment details recent activity and metrics involving the notorious threat group.