background pattern

MOVEit shockwaves felt across the UK & new phishing attacks discovered

Digital swirl
case study thumbnail

Lead Article

Cybercriminals spread malicious AI tools on popular underground forums

Read more
case study thumbnail

Leading UK companies hit with data theft attacks exploiting ‘MOVEit’ zero day

Read more
case study thumbnail

New phishing tool lures victims with Microsoft 365 decoy pages

Read more
case study thumbnail

Feature Article

Google’s new ‘Zip’ domains exploited in phishing attacks

Read more

Ransomware insights

According to Cybersixgill’s data, 276 ransomware results were detected on our Investigative Platform in May, in comparison with 348 results in April. The ransomware gang Lockbit were responsible for 30% of ransomware attacks this month. The top targeted countries were United States (132), United Kingdom (15), Germany (13), Canada (9).

pie chart

The top CVE’s this month based on Cybersixgill’s data

  1. 1.


    The current DVE score is 10. This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914)

    CVSS: 9.8

    DVE: 10

  2. 2.


    The current DVE score is 9.52. A vulnerability in the open-source password manager KeePass can be exploited to retireve the master password from the software's memory.

    CVSS: 7.5

    DVE: 9.52

  3. 3.


    The current DVE score is 10. This is related to a Windows common Log File System Driver Elevation of Privilege Vulnerability.

    CVSS: 7.8

    DVE: 10


Malware insights

The most mentioned malware for May 2023

  • In May, Racoon stealer malware had the highest number of mentions on the underground according to the Cybersixgill Investigative Portal.

  • Raccoon malware is a type of malware that steals sensitive information from infected devices. It was first discovered in 2019 and has since been used to steal a variety of data, including passwords, credit card numbers, and cryptocurrency wallet addresses.

  • Raccoon malware is typically spread through phishing emails, malicious websites, and drive-by downloads.

malware chart

Live from the newsroom

  1. AI-based threat intel tool unveiled by Cybersixgill

    See Details
  2. A new report reveals the trends and tactics on the cybercriminal underground

    See Details
  3. APT5s Citrix expolit and Log4j: different names, same game

    See Details