⚠ Weekly Threat Advisory: Top Cyber Threats from March 17 – March 23, 2025 ⚠
This Weekly Threat Advisory highlights the latest Threat Actors, Malware, Ransomware, Campaigns, CVEs, and Phishing Kits actively targeting organizations. Adversaries are leveraging newly exploited vulnerabilities, advanced phishing tactics, and evolving malware strains to bypass security defenses. Ransomware operations continue to grow, incorporating double extortion and supply chain attacks for maximum impact. Phishing kits are becoming more sophisticated, enabling large-scale credential theft and unauthorized access. Security teams must stay vigilant, prioritize patching, enhance threat hunting, and strengthen detection capabilities to mitigate emerging cyber threats.
🚨 Through continuous research and intelligence gathering, we have identified active and trending adversaries targeting multiple industries.
🚨 This week’s analysis highlights evolving cyber threats, including new Threat Actors, Malware, Ransomware, Campaigns, and CVEs.
🚨 Emerging attack techniques reveal increasing sophistication in exploitation, persistence, and defense evasion tactics.
🚨 Newly exploited vulnerabilities pose critical risks, requiring immediate attention from security teams.
🚨 Threat actors are leveraging zero-day exploits, advanced phishing schemes, and privilege escalation techniques.
🚨 Ransomware operations continue to expand, with a rise in double extortion tactics and supply chain compromises.
🚨 Credential theft and abuse of cloud services are becoming more frequent attack vectors.
🚨 Nation-state and financially motivated groups are refining their strategies to bypass traditional security controls.
🚨 Targeted sectors include financial institutions, healthcare, critical infrastructure, and cloud environments.
🚨 Weaponized exploits for newly disclosed CVEs are actively being integrated into attack frameworks.
🚨 Dark web discussions indicate increased interest in automation tools for mass exploitation.
🚨 Malware variants are evolving, incorporating polymorphic and fileless attack capabilities.
🚨 Security teams should prioritize patching critical vulnerabilities and enhancing threat detection mechanisms.
🚨 Proactive threat hunting efforts should focus on early indicators of compromise and anomalous behaviors.
🚨 Strengthening incident response plans and cross-sector intelligence sharing will enhance cyber resilience.
Threat Actors
💡 APT-C-36
💡 Squid Werewolf (APT37)
💡 Ricochet_Chollima – APT 37
💡 Rose87168
💡 UAT-5918
Malware
📌 NetSupport RAT
📌 gh0st RAT
📌 Cobalt Strike Cat (CS Cat)
Ransomware
📍 Play
📍 Ruthless Mantis
📍 Lynx Ransomware
📍 Ransomhub
📍 Moroccan Dragons Ransomware
📍 MONIP”d Ransomware
📍 VanHelsing Ransomware
📍 Mora_001
📍 Black Basta (RaaS)
Phishing Kit
🛡️ Signal Messenger
Campaigns
✅ Virtual Hard Disk (VHD) image files distribute VenomRAT and Other Malware
✅ Free online converters used to install malware
CVE
👉 CVE-2025-0589
👉 CVE-2025-2323
👉 CVE-2025-30066
👉 CVE-2025-23411
👉 CVE-2025-25067
👉 CVE-2025-24865
👉 CVE-2025-22896
👉 CVE-2025-20061
👉 CVE-2025-20014
Happy Threat Hunting