Cybersecurity researchers from Trustwave SpiderLabs link a sharp increase in cyberattacks to Russian hosting service Proton66. The IP ranges associated with Proton66 have been used to exploit critical software vulnerabilities affecting organisations globally. Multiple active malware campaigns tied to the hosting service have also been found. The researchers recommend blocking all CIDR ranges linked to Proton66 to mitigate the threat.
Fog ransomware notes troll with DOGE references, bait insider attacks
Fog ransomware attacks over the past month used a note referencing the U.S. Department of Government Efficiency (DOGE) to trick users into spreading the malware.
