Ransomware group SafePay is now the most prevalent actor, surpassing other threats in May, due to its double extortion strategy. Seven African nations, led by Ethiopia, are among the top 20 most targeted by malware. Despite the seizure of thousands of domains linked to malware-as-a-service platform Lumma, its core servers in Russia remain operational. Globally, the education sector is the most targeted by cyber threats, according to Check Point Software Technologies’ Global Threat Index for May 2025.
GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos
The repository names are identical to other repositories, indicating typo-squatting. These repositories also contain search keywords and emojis, signifying potential AI use. ReversingLabs warns developers
