Links
CyberVolk's new ransomware, VolkLocker, has significant flaws that allow victims to recover their files without paying the ransom. It targets Windows and Linux systems and includes a built-in timer that threatens to delete user files if payment isn't made in time. The group is also expanding its services to include a remote access trojan and keylogger.
Researchers believe a massive fraudulent gambling network, active for 14 years, is likely backed by a nation-state. It targets government and private organizations in the US and Europe, exploiting vulnerabilities in websites to support its operations. The infrastructure includes over 328,000 domains and costs millions to maintain.
A new botnet named Androxgh0st is expanding its operations by exploiting vulnerabilities in university servers in the United States. The botnet is capable of executing various malicious activities, raising concerns about its potential impact on educational institutions and cybersecurity.
A fake "My Vodafone" app was distributed to targets via SMS, claiming to restore mobile data connectivity after an attacker disabled their connection. The app, signed with an enterprise certificate, contains multiple privilege escalation exploits, including an unusual sixth exploit related to the iPhone's Display Co-Processor (DCP), which raises concerns about the security implications of compromising such co-processors in modern devices.
The article explores the concept of developing C2-less malware using large language models (LLMs) for autonomous decision-making and exploitation. It discusses the implications of such technology, particularly through a malware example called "PromptLock," which utilizes LLMs to generate and execute code without human intervention. The author proposes a proof of concept for self-contained malware capable of exploiting misconfigured services on a target system.
Attackers are exploiting Velociraptor, a forensic tool, to create malware that evades detection by security systems. This misuse demonstrates a growing trend of utilizing legitimate tools for malicious purposes, highlighting the need for improved security measures to combat such tactics.