Global law enforcement has made significant strides by dismantling "Outsider Enterprise," a massive Chinese Phishing-as-a-Service (PhaaS) network responsible for nearly $1.9 billion in financial losses. Concurrently, as part of Operation Endgame, authorities have cleaned over 15,000 WordPress sites infected with SocGholish malware, a persistent JavaScript-based downloader used to deploy secondary payloads and ransomware.
In terms of emerging threats, the DragonForce ransomware group is now exploiting Microsoft Teams' TURN relay infrastructure to mask command-and-control traffic, allowing them to bypass traditional network defenses for long-term persistence. Additionally, the PRC-linked actor UNC6508 has been observed targeting REDCap servers in medical research institutions, utilizing custom "InfiniteRed" malware and legitimate enterprise email compliance rules to exfiltrate sensitive scientific data.
