DUBAI, DUBAI, UNITED ARAB EMIRATES, October 29, 2025 /EINPresswire.com/ -- Cyberattacks are accelerating in complexity, and this October was no exception. ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, reports that organizations worldwide faced an escalation of sophisticated phishing and ransomware campaigns exploiting trusted cloud infrastructure.

The October 2025 Threat Analysis highlights how threat actors are misusing legitimate platforms like Google, ClickUp, and Figma, while ransomware groups like LockBit continue expanding into new environments.

Phishing Through Trusted Platforms

Attackers are increasingly abusing Google Careers, ClickUp, and Figma to host phishing flows that look legitimate. These campaigns use Salesforce redirects, Cloudflare CAPTCHAs, and public prototypes to mimic Microsoft 365 or job application portals and steal credentials. By chaining multiple trusted domains, they bypass filters and reputation systems, leaving SOCs blind without behavioral analysis.

LockBit 5.0 Ransomware

On its sixth anniversary, LockBit released a new version targeting Linux and VMware ESXi, marking a strategic move toward critical infrastructure. The variant can disable multiple virtual machines simultaneously, causing widespread outages across data centers and enterprise environments.

TyKit Phishing Kit

ANY.RUN researchers uncovered TyKit, a reusable phishing kit hiding JavaScript inside SVG files to execute redirects and steal Microsoft 365 credentials. Active across finance, government, telecom, and education, it demonstrates how simple obfuscation can outsmart legacy detection.

About ANY.RUN

ANY.RUN helps more than 15,000 organizations worldwide, including leaders in finance, healthcare, telecom, retail, and technology, strengthen cybersecurity operations with real-time malware analysis and live threat intelligence.

The suite combines interactive sandboxing with dynamic intelligence, enabling faster investigations, deeper visibility, and proactive threat prevention.

