Researchers found a phishing campaign using Phorpiex malware to spread Global Group ransomware. The attack employs deceptive file names to trick users into downloading a Windows shortcut that encrypts files offline, making recovery nearly impossible. It also erases backup files to cover its tracks.

Researchers found that Sicarii ransomware has a decryption flaw, rendering victims' data unrecoverable even if they pay the ransom. The malware generates a new RSA key for each attack, discarding the private key, leaving no viable recovery option. Caution is advised for organizations considering ransom payments.

Cybercriminals are increasingly exploiting the Lovable AI website builder to create phishing pages and fraudulent sites that impersonate well-known brands. Despite Lovable's efforts to detect and eliminate malicious content, the rising number of AI site generators is lowering the barriers for cybercrime. Recent campaigns have targeted organizations and individuals through sophisticated phishing schemes, resulting in significant data theft and malware distribution.