December 2024 marks the 35th anniversary of ransomware and the 20th anniversary of its first usage for criminal purposes. From its origin as malware pretending to be an AIDS risk testing software in 1989 to modern-day crypto-ransomware like Maze, the crime has evolved greatly. Despite advancements in security tech, the profitability of ransomware means it will likely continue into the foreseeable future.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and