Cyber Daily

Executive Summary

In the last 24 hours, several critical cybersecurity incidents have been reported, including ransomware attacks and data theft. The Silent Ransom Group extortion group has been active in physical attacks against law firms in the USA. Vulnerabilities have also been discovered in conference management software and npm packages.

Critical Threats

• Physical data theft attacks by Silent Ransom Group — The Silent Ransom Group extortion group is conducting physical attacks against law firms in the USA, claiming to be technical support. We recommend that law firms intensify their physical security measures and train their employees.
• Grandoreiro and BTMOB malware — Banking malware campaigns are targeting Windows and Android users in Latin America and Europe. Users should be cautious when downloading applications and use updated antivirus solutions.
• Vulnerabilities in Pretalx software — An account takeover vulnerability was discovered in the open-source Pretalx conference management software. Administrators should apply available patches.

Vulnerabilities & Patches

CVE-2026-41241, a stored XSS vulnerability in Pretalx, was reported and patched. Malicious npm packages that can exfiltrate files from AI Claude users were also discovered.

Trends & Observations

There is an observed increase in ransomware attacks and data theft, as well as a growing use of AI in exploit development. Targeted sectors include law firms, government institutions, and end-users.

Recommendations

• Implement robust physical security measures, especially for law firms and sensitive institutions.
• Regularly update antivirus solutions and apply available security patches.
• Educate users about the risks of downloading applications from unverified sources and interacting with unknown technical support.