Cybersecurity researchers warn of a sophisticated ransomware attack that uses a Python-based backdoor for persistent access to compromised networks, deploying RansomHub ransomware. The initial access is facilitated by JavaScript malware SocGholish, distributed via browser update scams, often through infected websites. The Python script has been observed since December 2023. Other precursor tools disable endpoint detection, steal credentials, brute-force email accounts, and deliver more payloads.

NSA warns that overlooked botnet technique threatens national security
The National Security Agency (NSA) has warned that fast flux, a technique used by cybercriminals and hostile nations to hide their activities, is a significant