ESET warns of PromptLock, the first AI-driven ransomware Pierluigi Paganini August 27, 2025 ESET found PromptLock, the first AI-driven ransomware, using OpenAI’s gpt-oss:20b via Ollama to generate and run malicious Lua scripts. In a series of messages published on X, ESET Research announced the discovery of the first known AI-powered ransomware, named PromptLock. The PromptLock...Read More
The number of ransomware attacks observed worldwide held steady in July, increasing by just 1% to 376 recorded cases, according to the latest monthly Threat Pulse figures from cyber security services firm NCC Group. This comes in the wake of an unfortunate record-breaking start to 2025, but as NCC’s analysts observed, the more stagnant...Read More
Ransomware attacks around the world have exceeded 1,500 cases in the second quarter of this year alone, directly threatening daily life. SK Shields announced on the 27th that the number of damages was 1,556 in the “Korea Ransomware Response Alliance (KARA) Q2 Report.” This is a 17% increase from the same period last year. 사진...Read More
Artificial intelligence is increasingly being harnessed to power ransomware attacks, raising complex new challenges for individuals and organisations seeking to defend against cyber threats. Security researchers have recently uncovered how criminal groups, such as the ransomware gang FunkSec, have started using generative AI tools to enhance their operations. According to analysis by Avast’s security team,...Read More
A sophisticated new variant of the Hook Android banking trojan has emerged with unprecedented capabilities that position it among the most advanced mobile malware families observed to date. This latest version, designated Hook Version 3, represents a significant evolution in Android banking malware sophistication, introducing a comprehensive arsenal of 107 remote commands with 38 newly...Read More
Slovakia-based cyber security vendor ESET said it has discovered “the first known” artificial intelligence-powered ransomware that generates malicious scripts on-the-fly on infected machines. ESET called the ransomware “PromptLock”, and has uploaded Microsoft Windows and Linux samples to Google’s VirusTotal scanning site. For now, ESET said there are multiple indicators that suggest the ransomware, which is...Read More
Oyster Backdoor malware has been observed disguising itself as legitimate IT management tools WinSCP and PuTTY in a campaign targeting IT professionals, with evidence suggesting a link to ransomware operations. Researchers from BlueVoyant have conducted an investigation into a recent attack within a healthcare sector client environment, where the Oyster Backdoor was delivered through a...Read More
The State of Nevada says it suffered “network security incident” While not officially described as a cyberattack, it certainly resembles a ransomware attack There is no evidence of stolen files yet Offices, websites, and phone lines of the state government of Nevada were all made unavailable and taken offline following an apparent cyberattack. The official...Read More
