VNVũ Nhật Lâminblog.fiscybersec.com·12h ago · 7 min readMistic Backdoor: KongTuke's New Weapon in the ClickFix – ModeloRAT – Ransomware EcosystemExecutive Summary A new backdoor named Backdoor.Mistic (also tracked by Zscaler as MLTBackdoor) has surfaced in intrusions since April 2026, hitting organizations across insurance, education, IT, and 00
VNVũ Nhật Lâminblog.fiscybersec.com·Jul 7 · 10 min readClickFix Grows Into an Ecosystem: A New Wave of Loaders (BabaDeda, Lorem Ipsum, Potemkin) and the Convergence With EtherHidingSummary In mid-2026, three independent reports from Morphisec, BlueVoyant, and Huntress converged on the same point: ClickFix has stopped being a one-off social engineering trick and become the delive00
TSTech Skill Schoolintechskillschool.hashnode.dev·Jul 2 · 7 min readHow Ransomware Leak Sites Help Threat Intelligence InvestigationsIn the ever-evolving landscape of cybersecurity, ransomware attacks continue to pose one of the most significant threats to organizations worldwide. As cybercriminals refine their tactics, ransomware 00
KRKishore Rinkishorecybersec.hashnode.dev·Jun 29 · 4 min readWhat is Ransomware?Introduction: Ransomware is among the most serious and quickly evolving threats to individuals, business, hospitals, and government organizations around the world. Ransomware attacks can encrypt criti10
4F404 Foundersin404-founders.com·Jun 27 · 4 min readEdgecution: Edge Extension Deploys RansomwareA malicious Microsoft Edge extension called "Edgecution" escapes the browser sandbox through Chrome Native Messaging and deploys a Python backdoor linked to the Payouts Kings ransomware operation. CVE00
4F404 Foundersin404-founders.com·Jun 25 · 4 min readClickFix to Ransomware: A Fake Browser Update, Eleven Compromised MachinesA fake browser update asked a user to paste a command. Eleven machines later, the attackers had Defender disabled, credentials stolen, and ransomware staging in progress. The campaign uses a technique00
4F404 Foundersin404-founders.com·Jun 25 · 5 min readRansomware Hits Your Network. You Have 24 Hours.It is Tuesday at 9:14 AM. Your monitoring system flags unusual encryption activity across multiple file servers. By 9:30 AM, your IT team confirms: ransomware has encrypted your patient management sys00
4F404 Foundersin404-founders.com·Jun 24 · 3 min readApple and Tesla Factory Secrets Leaked Through a Supplier BreachA ransomware group just published what it says are Apple's iPhone factory specs and Tesla's trade secret vehicle drawings. The files came from Tata Electronics, one of Apple's biggest manufacturing pa00
4F404 Foundersin404-founders.com·Jun 24 · 3 min readDragonForce Hid Inside Microsoft Teams For Six MonthsA ransomware group spent months inside a company's network. Their command-and-control traffic looked like Microsoft Teams calls. Nobody flagged it. The Trick DragonForce, a ransomware operation activ00
4F404 Foundersin404-founders.com·Jun 20 · 3 min readPeopleSoft Zero-Day: ShinyHunters Hit 100+ OrganizationsShinyHunters used an Oracle PeopleSoft zero-day to breach over 100 organizations. Mostly universities. Data stolen, ransom demanded. Oracle patched it on June 10 - two weeks after attacks started. CVE00