Today’s Topics:

• CVE-2026-0628 Shows How Browser-Integrated AI Can Undermine Chrome’s Security Model
• Google’s Merkle Tree Certificates Signal a Structural Shift Toward Quantum-Resistant HTTPS
• How can Netizen help?

CVE-2026-0628 Shows How Browser-Integrated AI Can Undermine Chrome’s Security Model

Google has patched a high-severity vulnerability in Chrome that exposed a deeper issue many security teams are still grappling with: what happens when AI assistants operate inside high-privilege browser contexts. Tracked as CVE-2026-0628 with a CVSS score of 8.8, the flaw allowed malicious extensions to escalate privileges by abusing insufficient policy enforcement in Chrome’s WebView tag. The issue was fixed in Chrome version 143.0.7499.192 and .193 for Windows and macOS, and 143.0.7499.192 for Linux.

The vulnerability was discovered by Gal Weizman of Palo Alto Networks Unit 42 and reported in November 2025. At a technical level, the flaw enabled a crafted Chrome extension to inject scripts or HTML into a privileged page. That privileged surface was the Gemini Live panel, part of Google’s browser-level integration of Google Chrome with Gemini, which Google rolled into Chrome in September 2025.

Under normal conditions, Chrome extensions are constrained by a permission model that limits what they can access. This case broke that assumption. An extension operating with relatively basic permissions, including access to the declarativeNetRequest API, could inject JavaScript into the Gemini side panel running at gemini.google.com/app. That context carries elevated capabilities because Chrome intentionally grants the Gemini panel access to sensitive browser features in order to perform multi-step AI tasks.

Once code execution occurred inside that panel, the impact moved well beyond typical extension abuse. An attacker could potentially access the victim’s camera and microphone, take screenshots of arbitrary websites, and interact with local files. These are capabilities normally gated by strict permission prompts and origin isolation rules. CVE-2026-0628 effectively blurred those boundaries.

The declarativeNetRequest API itself is not inherently unsafe. It is widely used by ad-blocking extensions to intercept and modify HTTPS traffic. The problem arose from how extension-controlled request manipulation intersected with a high-privilege, browser-embedded AI component. When the Gemini application was loaded inside the panel, Chrome bound it to capabilities necessary for AI-driven summarization, translation, and task automation. That design decision created a path where extension-level influence could cross into a more trusted execution context.

From a security architecture standpoint, this is the more significant takeaway. AI agents embedded directly into the browser require privileged access to operate effectively. They need visibility into page content, file systems, and user inputs to complete complex workflows. That privilege becomes a liability if isolation boundaries are imperfect. In this case, the WebView tag’s insufficient policy enforcement allowed an attacker to pivot from a lower-privileged extension environment into a component that was effectively “part of the browser.”

There is also a secondary concern that deserves attention. Prompt injection attacks against AI agents are already a known risk. If a malicious page can influence an agent to perform restricted actions, and that agent is running in a privileged browser context, the blast radius expands. Researchers noted the possibility of hidden prompts instructing the assistant to execute actions that would otherwise be blocked. In worst-case scenarios, instructions could be stored in session memory, persisting behavior across browsing sessions.

Google’s Merkle Tree Certificates Signal a Structural Shift Toward Quantum-Resistant HTTPS

Google has outlined a new strategy to prepare HTTPS for the eventual impact of quantum computing, and the approach is architectural rather than incremental. Instead of inserting post-quantum cryptography directly into traditional X.509 certificate chains, Google is developing an alternative model built on Merkle Tree Certificates, or MTCs, within the Chrome ecosystem.

The initiative is being led by the Chrome Secure Web and Networking Team behind Google Chrome. The objective is clear: make HTTPS authentication quantum-resistant without inflating TLS handshake sizes to the point where performance suffers. The company has stated it does not plan to immediately add classical X.509 certificates containing post-quantum algorithms into the Chrome Root Store. That decision reflects the practical constraints of bandwidth, handshake latency, and ecosystem scalability.

Merkle Tree Certificates represent a structural redesign of certificate validation. Instead of issuing and transmitting a full certificate chain with multiple public keys and signatures, a Certification Authority signs a single “Tree Head” that represents potentially millions of certificates. When a browser connects, it receives a compact proof of inclusion in that tree. The cryptographic strength comes from the Merkle structure itself, which allows efficient verification without transmitting excessive data.

This is particularly relevant in a post-quantum context. Post-quantum cryptographic algorithms typically involve significantly larger key sizes and signatures compared to current elliptic curve or RSA-based systems. If those algorithms were inserted directly into today’s certificate chains, handshake sizes would expand and potentially degrade user experience. MTCs decouple algorithm strength from transmitted data size, allowing stronger cryptography without proportionally increasing network overhead.

The proposal is being developed within the PLANTS working group, and companies such as Cloudflare are collaborating on feasibility testing. Google has confirmed that it is already experimenting with MTCs using live internet traffic to assess performance and security characteristics in real-world conditions.

The rollout strategy spans three phases. The first phase, already underway, focuses on feasibility and operational validation in partnership with Cloudflare. The second phase, planned for the first quarter of 2027, will involve Certificate Transparency log operators that already maintain usable logs in Chrome. That step is important because Certificate Transparency remains central to Chrome’s trust model. The third phase, targeted for the third quarter of 2027, will define onboarding requirements for Certificate Authorities into a new Chrome Quantum-resistant Root Store that supports only MTC-based certificates.

This move signals that Chrome is preparing for a future in which quantum-capable adversaries can break classical public key cryptography. Even though large-scale quantum attacks are not yet operationally viable, the industry recognizes the risk of “harvest now, decrypt later” strategies, where encrypted traffic captured today could be decrypted once quantum capabilities mature. Building quantum resistance into browser trust anchors before that inflection point reduces long-term exposure.

From a security architecture perspective, this initiative touches the foundation of internet trust. HTTPS authentication depends on Public Key Infrastructure and root trust stores embedded in browsers. Any transition to post-quantum resilience must preserve interoperability, performance, and auditability. By compressing authentication data through Merkle proofs, Chrome is attempting to modernize PKI without destabilizing it.

For enterprise environments, the immediate action item is awareness rather than deployment. Organizations should monitor developments in post-quantum TLS, certificate issuance practices, and Chrome’s evolving root program. Certificate lifecycle management, internal PKI planning, and long-term cryptographic agility strategies will need to account for these structural changes over the next several years.veloper-focused compromise.

How Can Netizen Help?

Founded in 2013, Netizen is an award-winning technology firm that develops and leverages cutting-edge solutions to create a more secure, integrated, and automated digital environment for government, defense, and commercial clients worldwide. Our innovative solutions transform complex cybersecurity and technology challenges into strategic advantages by delivering mission-critical capabilities that safeguard and optimize clients’ digital infrastructure. One example of this is our popular “CISO-as-a-Service” offering that enables organizations of any size to access executive level cybersecurity expertise at a fraction of the cost of hiring internally. 

Netizen also operates a state-of-the-art 24x7x365 Security Operations Center (SOC) that delivers comprehensive cybersecurity monitoring solutions for defense, government, and commercial clients. Our service portfolio includes cybersecurity assessments and advisory, hosted SIEM and EDR/XDR solutions, software assurance, penetration testing, cybersecurity engineering, and compliance audit support. We specialize in serving organizations that operate within some of the world’s most highly sensitive and tightly regulated environments where unwavering security, strict compliance, technical excellence, and operational maturity are non-negotiable requirements. Our proven track record in these domains positions us as the premier trusted partner for organizations where technology reliability and security cannot be compromised.

Netizen holds ISO 27001, ISO 9001, ISO 20000-1, and CMMI Level III SVC registrations demonstrating the maturity of our operations. We are a proud Service-Disabled Veteran-Owned Small Business (SDVOSB) certified by U.S. Small Business Administration (SBA) that has been named multiple times to the Inc. 5000 and Vet 100 lists of the most successful and fastest-growing private companies in the nation. Netizen has also been named a national “Best Workplace” by Inc. Magazine, a multiple awardee of the U.S. Department of Labor HIRE Vets Platinum Medallion for veteran hiring and retention, the Lehigh Valley Business of the Year and Veteran-Owned Business of the Year, and the recipient of dozens of other awards and accolades for innovation, community support, working environment, and growth.

Looking for expert guidance to secure, automate, and streamline your IT infrastructure and operations? Start the conversation today.

Today’s Topics:

• Anthropic Introduces Claude Code Security for AI-Driven Vulnerability Scanning
• Malicious npm Campaign Harvests Crypto Keys, CI Secrets, and LLM Tokens
• How can Netizen help?

Anthropic Introduces Claude Code Security for AI-Driven Vulnerability Scanning

Anthropic has announced a new capability within Claude Code called Claude Code Security, an AI-assisted vulnerability scanning feature now available in limited research preview for Enterprise and Team customers. The release signals a clear shift in how AI is being positioned inside development environments. The model is no longer just generating code. It is actively reviewing it for security defects.

Claude Code Security scans a user’s codebase, identifies potential vulnerabilities, and proposes targeted remediation steps for developer review. The system does not automatically modify production code. Instead, it surfaces findings inside a dedicated dashboard, assigns severity levels, provides a confidence score, and presents suggested patches for explicit human approval. That human approval requirement is a critical architectural choice. It preserves change control discipline and avoids introducing automated remediation risk into secure development workflows.

Anthropic’s positioning is grounded in a reality security teams are already seeing. AI-assisted tooling can accelerate vulnerability discovery at scale. That acceleration benefits defenders, but it also benefits adversaries. As models become more capable of reasoning through application logic, tracing dependencies, and mapping data flows, the time required to identify exploitable weaknesses continues to shrink. Claude Code Security is designed to counterbalance that dynamic by placing similar reasoning capabilities into the hands of defenders.

The company claims the system goes beyond conventional static analysis. Traditional SAST tools rely heavily on rule-based detection and signature matching. They are effective at identifying known patterns such as injection flaws or unsafe function usage, but they often struggle with multi-step logic errors and contextual trust boundary violations. Claude Code Security is described as reasoning about the codebase in a way that more closely resembles a human security reviewer. It evaluates how components interact, traces data flows across services, and attempts to identify vulnerabilities that may not match predefined signatures.

False positive reduction is addressed through what Anthropic describes as a multi-stage verification process. Findings are re-analyzed before being presented to the user, and each issue is assigned both a severity rating and a confidence score. That layered review approach is intended to reduce alert fatigue and help development teams prioritize remediation based on impact and likelihood.

From a DevSecOps perspective, the practical question is integration. Organizations with mature pipelines already operate SAST, DAST, and software composition analysis tooling. Claude Code Security appears positioned as a reasoning layer that augments those deterministic systems rather than replaces them. Its value will depend on how effectively it complements existing scanners, how transparent its findings are, and how easily it can be incorporated into established approval workflows.

In regulated environments, governance will matter. Any AI-driven code analysis tool must support auditability, logging, traceability of decisions, and protection of proprietary source code. The explicit human-in-the-loop model helps address change management and accountability requirements that frameworks such as NIST SP 800-53, ISO 27001, and CMMC 2.0 expect organizations to enforce.

Claude Code Security remains in research preview, so operational maturity and real-world performance data are still emerging. Even so, the strategic direction is clear. AI is moving from a development accelerator to a security control embedded directly into the software lifecycle. For security leaders, the focus should be on disciplined adoption, governance alignment, and measurable reduction in vulnerability exposure rather than novelty.

Malicious npm Campaign Harvests Crypto Keys, CI Secrets, and LLM Tokens

Researchers have uncovered an active supply chain campaign leveraging at least 19 malicious npm packages to harvest developer credentials, cryptocurrency keys, CI/CD secrets, and API tokens. The operation, tracked by Socket under the name SANDWORM_MODE, resembles earlier Shai-Hulud-style worm activity, but with expanded functionality and more deliberate targeting of AI-assisted development environments.

The malicious packages were published under the npm aliases official334 and javaorg. They include typosquatted and deceptively named modules such as claud-code, crypto-reader-info, node-native-bridge, secp256, suport-color, and others. Four additional sleeper packages were identified that currently contain no malicious functionality but may serve staging or trust-building purposes.

The core payload is designed to extract system information, environment variables, access tokens, API keys, and cryptocurrency private keys from infected developer environments. Once harvested, the malware abuses stolen npm and GitHub credentials to publish additional malicious packages, effectively propagating itself through compromised identities.

This propagation model transforms the campaign from a one-off credential theft operation into a self-expanding supply chain worm. By compromising trusted publisher accounts, the attackers increase their distribution reach and reduce the likelihood of early detection.

The malware also embeds a weaponized GitHub Action capable of harvesting CI/CD secrets directly from build pipelines. Exfiltration occurs over HTTPS with DNS fallback, increasing resiliency if primary outbound channels are blocked.

The codebase includes a destructive routine designed to wipe the victim’s home directory if the malware loses access to GitHub or npm infrastructure. Although this wiper functionality is currently disabled by default, its presence significantly raises the risk profile of the campaign. It signals that the operators are prepared to transition from stealthy credential harvesting to disruptive retaliation if their infrastructure is disrupted.

Socket noted multiple feature flags and toggles within the code that suggest the threat actor is actively iterating. Some builds disable destructive routines or polymorphic rewriting, indicating staged deployment and ongoing refinement rather than accidental publication.

One of the most notable components is a module referred to as McpInject. This functionality targets AI coding assistants by deploying a malicious Model Context Protocol server and injecting it into local tool configurations.

The rogue MCP server masquerades as a legitimate tool provider and registers benign-looking utilities. Embedded within those utilities are prompt injections designed to extract sensitive files, including:

• ~/.ssh/id_rsa and ~/.ssh/id_ed25519
• ~/.aws/credentials
• ~/.npmrc
• .env files

These artifacts are staged locally for later exfiltration.

The module specifically targets developer tooling environments that integrate AI assistants, including Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code Continue, and Windsurf. It also harvests API keys associated with major LLM providers, including Anthropic, Cohere, Fireworks AI, Google, Grok, Mistral, OpenAI, Replicate, and Together.

This marks a clear evolution in supply chain attacks. The objective is no longer limited to source code or infrastructure credentials. AI model access itself is now a target.

The malware contains a polymorphic engine configured to call a local Ollama instance running DeepSeek Coder. That engine can rewrite control flow, rename variables, inject junk code, and encode strings to evade detection. Although currently disabled in observed samples, the capability indicates preparation for more evasive future variants.

The attack unfolds in two stages. The first stage captures credentials and cryptocurrency keys. A second stage, activated after a delay of at least 48 hours with additional per-machine jitter, performs deeper harvesting, worm-like propagation, MCP injection, and full data exfiltration. The delayed execution complicates sandbox-based detection and incident response correlation.

Separate disclosures from Veracode and JFrog identified additional malicious npm packages, including buildrunner-dev and eslint-verify-plugin.

Buildrunner-dev delivers Pulsar RAT, an open-source .NET remote access trojan hosted inside a PNG image. The malware targets Windows, macOS, and Linux systems.

Eslint-verify-plugin masquerades as a legitimate ESLint utility but deploys a multi-stage infection chain. On Linux, it installs a Poseidon agent tied to the Mythic C2 framework, enabling credential harvesting, lateral movement, and file operations. On macOS, it executes Apfell, a JavaScript for Automation agent capable of extensive data collection and privilege escalation through the creation of a new administrator account.

Stolen data includes system information, browser artifacts, clipboard contents, password dialog captures, iCloud Keychain files, Chrome cookies and login data, screenshots, and file metadata.

Checkmarx also reported a rogue VS Code extension called solid281, impersonating the official Solidity extension. It deploys an obfuscated loader that installs ScreenConnect on Windows and a Python reverse shell on macOS and Linux. The targeting of Solidity developers aligns with broader patterns of developer-focused compromise.

How Can Netizen Help?

Founded in 2013, Netizen is an award-winning technology firm that develops and leverages cutting-edge solutions to create a more secure, integrated, and automated digital environment for government, defense, and commercial clients worldwide. Our innovative solutions transform complex cybersecurity and technology challenges into strategic advantages by delivering mission-critical capabilities that safeguard and optimize clients’ digital infrastructure. One example of this is our popular “CISO-as-a-Service” offering that enables organizations of any size to access executive level cybersecurity expertise at a fraction of the cost of hiring internally. 

Netizen also operates a state-of-the-art 24x7x365 Security Operations Center (SOC) that delivers comprehensive cybersecurity monitoring solutions for defense, government, and commercial clients. Our service portfolio includes cybersecurity assessments and advisory, hosted SIEM and EDR/XDR solutions, software assurance, penetration testing, cybersecurity engineering, and compliance audit support. We specialize in serving organizations that operate within some of the world’s most highly sensitive and tightly regulated environments where unwavering security, strict compliance, technical excellence, and operational maturity are non-negotiable requirements. Our proven track record in these domains positions us as the premier trusted partner for organizations where technology reliability and security cannot be compromised.

Netizen holds ISO 27001, ISO 9001, ISO 20000-1, and CMMI Level III SVC registrations demonstrating the maturity of our operations. We are a proud Service-Disabled Veteran-Owned Small Business (SDVOSB) certified by U.S. Small Business Administration (SBA) that has been named multiple times to the Inc. 5000 and Vet 100 lists of the most successful and fastest-growing private companies in the nation. Netizen has also been named a national “Best Workplace” by Inc. Magazine, a multiple awardee of the U.S. Department of Labor HIRE Vets Platinum Medallion for veteran hiring and retention, the Lehigh Valley Business of the Year and Veteran-Owned Business of the Year, and the recipient of dozens of other awards and accolades for innovation, community support, working environment, and growth.

Looking for expert guidance to secure, automate, and streamline your IT infrastructure and operations? Start the conversation today.

Today’s Topics:

• DockerDash: Ask Gordon AI Flaw Exposed a Critical Trust Boundary in Docker Desktop
• Reynolds Ransomware Bundles BYOVD Driver to Kill EDR Before Encryption
• How can Netizen help?

DockerDash: Ask Gordon AI Flaw Exposed a Critical Trust Boundary in Docker Desktop

Docker quietly closed a serious gap in its AI assistant, Ask Gordon, with the release of Docker Desktop version 4.50.0 in November 2025. The issue, dubbed “DockerDash” by researchers at Noma Labs, was not a typical memory corruption bug or authentication bypass. It was a failure of contextual trust inside an AI-assisted workflow, and it opened the door to remote code execution and sensitive data exposure through something as mundane as Docker image metadata.

At the center of the problem was how Ask Gordon parsed and interpreted Docker image LABEL fields. In a normal workflow, those labels are informational metadata attached to a Dockerfile. They describe authorship, versioning, licensing, or build context. Ask Gordon, however, treated those metadata fields as inputs that could be interpreted and forwarded through its Model Context Protocol (MCP) Gateway without meaningful validation. That design choice created a new injection surface inside the AI-to-tool execution path.

The attack chain described by Noma Labs was straightforward and uncomfortable. An attacker could publish a Docker image containing weaponized instructions embedded in LABEL fields. When a victim asked Ask Gordon about that image, the assistant would ingest and parse the metadata. Because it did not distinguish between descriptive metadata and embedded operational instructions, it could forward the parsed content to the MCP Gateway. The Gateway, acting as middleware between the large language model and local MCP tools, would then interpret the instructions as legitimate requests from a trusted source. With no contextual validation at each hop, the MCP tools would execute the command under the victim’s Docker privileges.

For cloud and CLI environments, this meant potential remote code execution with critical impact. For Docker Desktop users, the flaw also enabled high-impact data exfiltration. The same injection primitive could be used to extract environment details through MCP tooling. That included installed tool inventories, container configurations, mounted directories, Docker settings, and even aspects of the local network topology. In practical terms, a simple AI query about a container image could become the trigger for unintended local introspection and data leakage.

Noma Labs characterized the issue as Meta-Context Injection. The root failure was that the MCP Gateway could not differentiate between benign informational metadata and pre-authorized executable instructions. This is a textbook trust boundary violation. The assistant implicitly trusted container metadata as context, and the Gateway implicitly trusted the assistant’s forwarded requests as legitimate tool invocations. No stage applied zero-trust validation to the contextual data being passed along.

What makes this case significant is that the initial payload was hidden inside a legitimate supply chain artifact. Docker images are routinely pulled from registries and inspected through automated workflows. Embedding malicious instructions inside LABEL fields turns a descriptive field into an execution vector when AI agents are introduced into the pipeline. This moves AI supply chain risk from theory into operational reality.

Docker 4.50.0 also addressed a separate prompt injection issue reported by Pillar Security, where attackers could tamper with Docker Hub repository metadata to manipulate Ask Gordon’s behavior and exfiltrate data. Taken together, these fixes highlight a pattern. As AI assistants gain the ability to interact with local tools, the integrity of contextual inputs becomes as important as traditional code-level security controls.

From a defensive standpoint, this vulnerability reinforces a point many security teams are already wrestling with: AI agents must treat every upstream input as untrusted, even if it originates from a “trusted” source like an internal registry or official marketplace. Validation cannot stop at user prompts. It must extend to metadata, system context, and intermediary gateways that bridge language models and execution engines.

Reynolds Ransomware Bundles BYOVD Driver to Kill EDR Before Encryption

A newly identified ransomware family dubbed Reynolds is taking a familiar evasion technique and integrating it directly into the core payload. Researchers from Symantec and the Carbon Black Threat Hunter Team report that Reynolds embeds a bring your own vulnerable driver component inside the ransomware binary itself, collapsing what is often a multi-stage intrusion into a tighter, more efficient attack chain.

BYOVD is not new. Adversaries have relied on legitimate but vulnerable signed drivers for years to escalate privileges and disable endpoint security controls. The typical sequence involves deploying a separate utility first to load the flawed driver, terminating EDR processes, and only then launching the ransomware. Reynolds eliminates that separation. The vulnerable driver, an NsecSoft NSecKrnl kernel driver, is bundled directly within the ransomware package.

Once executed, Reynolds drops the NSecKrnl driver and abuses it to terminate processes tied to widely deployed endpoint security platforms. Reported targets include products from Avast, CrowdStrike Falcon, Palo Alto Networks Cortex XDR, Sophos including HitmanPro.Alert, and Symantec Endpoint Protection. By leveraging a signed but flawed kernel driver, the ransomware can interfere with security controls at a lower level in the stack, where defensive visibility is often reduced.

The NSecKrnl driver carries a known vulnerability, CVE-2025-68947, with a CVSS score of 5.7. The flaw enables termination of arbitrary processes. That capability is precisely what makes it valuable in a ransomware context. It has also been observed in prior campaigns, including activity attributed to a threat actor known as Silver Fox, which used similar vulnerable drivers such as truesight.sys and amsdk.sys to disable endpoint tools before deploying ValleyRAT. Reynolds is following a pattern that has been effective for others.

Bundling the driver inside the ransomware has operational advantages. There is no need for affiliates to stage a separate defense-evasion tool. There is no standalone binary that defenders can isolate as a precursor signal. The driver drop, process termination, and encryption routines are logically coupled. That consolidation reduces friction in affiliate-driven ecosystems and may lower the chance of early-stage detection.

Symantec’s analysis also points to pre-ransomware activity weeks before encryption. A suspicious side-loaded loader was present on the network prior to the final stage, suggesting the attackers had already established a foothold. After the ransomware executed, the GotoHTTP remote access tool appeared on the network, indicating an interest in maintaining persistence even after the encryption event. This pattern reflects a broader trend: ransomware is rarely a smash-and-grab operation. It is often the final act in a longer intrusion.

Sophos stated that it had blocking protections against the NSecKrnl driver since November 2025 and proactive safeguards against the ransomware payload for years. That response underscores a larger defensive challenge. Even when vendors block known vulnerable drivers, attackers frequently rotate through alternative signed drivers to achieve similar outcomes. The BYOVD technique persists because it relies on trusted digital signatures and kernel-level access.

Reynolds emerges against a backdrop of escalating ransomware activity and operational experimentation. High-volume phishing campaigns have delivered GLOBAL GROUP ransomware using LNK attachments that execute PowerShell to fetch a Phorpiex dropper. GLOBAL GROUP stands out for performing all activity locally, without data exfiltration, making it viable in air-gapped environments.

Infrastructure abuse has also intensified. Campaigns linked to WantToCry have leveraged virtual machines provisioned through ISPsystem. Weaknesses in default Windows templates within VMmanager allow reuse of static hostnames and system identifiers, enabling threat actors to spin up large volumes of infrastructure that complicate takedown efforts. Hostnames from this ecosystem have appeared in campaigns tied to operators such as LockBit, Qilin, Conti, and BlackCat.

Ransomware groups continue to professionalize. DragonForce now advertises a “Company Data Audit” service to assist affiliates during extortion negotiations, providing structured reports, communication templates, and negotiation guidance. This formalization of support functions mirrors legitimate business operations and signals sustained maturity in the ecosystem.

Meanwhile, LockBit 5.0 has shifted to ChaCha20 encryption across Windows, Linux, and ESXi systems, moving away from the AES approach used in earlier versions. The updated strain includes a wiper module, delayed execution options, a visible encryption progress bar, stronger anti-analysis features, and expanded in-memory execution to reduce disk artifacts. Other groups, including Interlock, have exploited vulnerable drivers such as GameDriverx64.sys, tracked as CVE-2025-61155, in their own BYOVD attacks to disable endpoint defenses before deploying ransomware and remote access tools.

Cloud environments are also under pressure. Operators are targeting misconfigured Amazon Web Services S3 buckets, relying on native cloud capabilities to delete, overwrite, or extract data without introducing obvious malware artifacts. In parallel, purely data-theft-driven extortion events continue to rise, decoupling impact from encryption.

The numbers reinforce the trajectory. Threat actors claimed 4,737 ransomware attacks in 2025, slightly above 2024 totals. Incidents involving data theft without encryption reached 6,182, representing a notable year-over-year increase. Average ransom payments climbed to $591,988 in the fourth quarter of 2025, driven by a handful of outsized settlements.

How Can Netizen Help?

Founded in 2013, Netizen is an award-winning technology firm that develops and leverages cutting-edge solutions to create a more secure, integrated, and automated digital environment for government, defense, and commercial clients worldwide. Our innovative solutions transform complex cybersecurity and technology challenges into strategic advantages by delivering mission-critical capabilities that safeguard and optimize clients’ digital infrastructure. One example of this is our popular “CISO-as-a-Service” offering that enables organizations of any size to access executive level cybersecurity expertise at a fraction of the cost of hiring internally. 

Netizen also operates a state-of-the-art 24x7x365 Security Operations Center (SOC) that delivers comprehensive cybersecurity monitoring solutions for defense, government, and commercial clients. Our service portfolio includes cybersecurity assessments and advisory, hosted SIEM and EDR/XDR solutions, software assurance, penetration testing, cybersecurity engineering, and compliance audit support. We specialize in serving organizations that operate within some of the world’s most highly sensitive and tightly regulated environments where unwavering security, strict compliance, technical excellence, and operational maturity are non-negotiable requirements. Our proven track record in these domains positions us as the premier trusted partner for organizations where technology reliability and security cannot be compromised.

Netizen holds ISO 27001, ISO 9001, ISO 20000-1, and CMMI Level III SVC registrations demonstrating the maturity of our operations. We are a proud Service-Disabled Veteran-Owned Small Business (SDVOSB) certified by U.S. Small Business Administration (SBA) that has been named multiple times to the Inc. 5000 and Vet 100 lists of the most successful and fastest-growing private companies in the nation. Netizen has also been named a national “Best Workplace” by Inc. Magazine, a multiple awardee of the U.S. Department of Labor HIRE Vets Platinum Medallion for veteran hiring and retention, the Lehigh Valley Business of the Year and Veteran-Owned Business of the Year, and the recipient of dozens of other awards and accolades for innovation, community support, working environment, and growth.

Looking for expert guidance to secure, automate, and streamline your IT infrastructure and operations? Start the conversation today.