Akira Ransomware Strikes PH Molds Limited in Canada
Akira has claimed a ransomware attack against PH Molds Limited, a Canadian plastic injection mold design and manufacturing company, and is threatening to leak 35 GB of corporate data if a payment is not made. The article outlines what is known about the intrusion so far, the type of business information that may have been accessed, and how this incident fits into Akira’s broader history of targeting industrial and manufacturing organizations.
Itch.io Targeted: Lumma Stealer Deployed Via Fake Updates and Reflective Node.js Loader
Researchers describe a campaign abusing the indie game platform Itch.io, where attackers flood game comment sections with links to supposed “updates” that actually install the Lumma Stealer information-stealing malware. The article walks through the infection chain, including a nexe-compiled Node.js loader and reflective loading technique, and explains how the stealer harvests browser data, cryptocurrency wallets, and other sensitive information before exfiltration.
Japanese Firms Suffer Long Tail of Ransomware Damage
This piece looks at how companies in Japan, including Asahi Holdings and online retailer Askul, are still dealing with operational disruption and potential data exposure months after ransomware incidents. It highlights shipping delays, suspended online ordering, and knock-on impact on other brands such as Muji, and uses these cases to illustrate how recovery and breach assessment can drag on long after systems are brought back online.
Services Australia may get powers to rein in data breach exposure
An Australian National Audit Office report suggests giving Services Australia new authority to compel third parties to quickly disclose data breaches involving government identifiers such as Medicare and Centrelink numbers. The article explains the sharp rise in notifiable breaches tied to credential theft and impersonation, ongoing issues with slow notification timelines, and how proposed changes could tighten oversight of how external organizations handle government-linked personal data.
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
Microsoft’s December Patch Tuesday addresses 57 vulnerabilities, including three zero-day issues, one of which is an actively exploited elevation-of-privilege bug in the Windows Cloud Files Mini Filter Driver (CVE-2025-62221). The article breaks down the types of flaws patched, notes several critical remote code execution issues, and emphasizes the need to prioritize updates that can turn limited access on a system into full compromise.
Shanya EDR Killer Leveraged by Hackers to Clear the Way for Ransomware Infection
Researchers profile “Shanya,” a packer-as-a-service and EDR-disabling tool that is being widely adopted in ransomware operations. The report describes how Shanya abuses kernel drivers and DLL sideloading, often via legitimate binaries like consent.exe, to blind security products and ensure ransomware payloads can execute and encrypt systems with minimal interference.