The Good, the Bad and the Ugly in Cybersecurity – Week 13
ID: 5cb857bc-0a86-5ab2-abd8-ed1f783a91df
STIX ID: report--5cb857bc-0a86-5ab2-abd8-ed1f783a91df
Feed Name: SentinelOne Blog
The report describes multiple high-impact incidents: U.S. prosecutions and extraditions tied to Yanluowang ransomware affiliates and a RedLine operator; an ongoing FAUX#ELEVATE phishing campaign using obfuscated VBScript to deliver credential stealers and cryptocurrency miners that target enterprise domain-joined systems and abuse legitimate services for staging and exfiltration; and a widespread supply-chain compromise by TeamPCP that injected credential-stealing backdoors into Trivy, npm packages (CanisterWorm), and the LiteLLM PyPI package, leading to credential, SSH key, cloud token, and secret theft across CI/CD and cloud environments.
