8Base ransomware threat actors are using a variant of Phobos ransomware in financially motivated attacks, according to Cisco Talos. Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan. In 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. Phobos, first emerged in 2019, is an evolution of the Dharma ransomware and is sold as a ransomware-as-a-service (RaaS) to affiliates.
New macOS malware disguises itself as popular installers
North Korean hackers are deploying malware onto Mac computers using fake job offers and disguised apps updates in a campaign known as “FlexibleFerret” or “Contagious
