The VX-Underground malware-sharing collective has been framed by a new variant of Phobos ransomware, indicating the group’s involvement in encryptor attacks. Launched in 2018, Phobos is a form of Ransomware-as-a-Service originating from the Crysis ransomware family. While not an “elite” operation, it has a substantial reach. This latest variant features ransom notes mimicking VX-Underground’s style and contact details, suggesting threat actors have display a vested interest in the cybersecurity community.
DeepSeek AI tools impersonated by infostealer malware on PyPI
Threat actors replicated the AI tool DeepSeek in two malicious packages on the Python Package Index (PyPI) to steal user and system data. Named “deepseeek”
