Machine-scale cybercrime: The 2026 State of Malware report
The ThreatDown 2026 State of Malware report captures a unique moment of transition—when the established world of human-driven intrusion meets…
3 minutes
Threats
AI-orchestrated cyberattacks
Sophisticated attackers once struggled to scale. Now, experienced groups can scale by adding agents to their workforce, and inexperienced or…
4 minutes
Tracking remote ransomware attacks at their source
When ransomware strikes, many are watching it happen through the wrong lens.
5 minutes
Inside EDR-Freeze: How ThreatDown stops the attack before it spreads
EDR-Freeze exploits legitimate Windows functionality to suspend security software, and it works entirely in user-mode using native Windows components.
11 minutes
How NIST is going to secure AI
AI is becoming as commonplace as spreadsheets in business, but security is lagging behind. NIST aims to fix that.
2 minutes
AI has “fully defeated” most of the ways people authenticate
In a recent interview at the Federal Reserve, OpenAI CEO Sam Altman warned of "a significant impending fraud crisis" driven…
4 minutes
Atomic Stealer now using clipboard hijacking to target Macs
The infamous ClickFix campaign is targeting Mac users with Atomic Stealer (AMOS).
2 minutes
Ransomware in April 2025—RansomHub is gone
While DaVita and Marks & Spencer reel from devastating attacks, the most dominant ransomware group of the last year has…
1 minute
Ransomware in March 2025
March 2025 saw a huge number of ransomware attacks, and the Pennsylvania State Education Association quietly notify over 500,000 current…
1 minute
Why YOUR software is the new malware
Cybercriminals are increasingly turning away from malware and shifting to a stealthier approach known as Living Off the Land (LOTL).
1 minute
Ransomware in February 2025—Cl0p and RansomHub run riot
The Cl0p ransomware group posted data on 335 victims in February 2025, by far the largest one month total any…
2 minutes
Phishing, now available on your favorite app store!
Although we tend to associate phishing attacks with emails, on Android they often come from innocent-looking apps.
1 minute
AI as you know it is dead, and cybersecurity will never be the same
The arrival of autonomous “agentic” AIs could finally deliver the profound cybersecurity disruption many expected from ChatGPT in 2022.
2 minutes
Ransomware in January 2024—bad news for US healthcare
January 2025 saw some high profile attacks and no shortage of bad news for the US healthcare sector.
0 minutes
How a clipboard hijacker delivers Lumma Stealer
The use of fake Captcha websites has doubled in only a few months.
3 minutes
Ransomware in December 2024—Cl0p returns
December 2024 saw the unwelcome return of the notorious Cl0p ransomware gang.
1 minute
Clipboard hijacker tries to install a Trojan
Criminals are attempting to get users to install malware from the clipboard.
2 minutes
Sysrv cryptomining botnet is still alive (and kicking out the competition)
Sysrv cryptomining botnets are still active, and analysis shows they are actively kicking out other malware.
4 minutes
Why ransomware gangs want you to keep using that GPON router
A vulnerability found in 2018 is ranked #6 on the list of most attacked vulnerabilities.
2 minutes
Cybercrime Has Gone Machine-Scale
AI is automating malware faster than security can adapt.
Get the facts Read the 2026 State of Malware