Cyber Creatures

    Introduction Ransomware attacks continue to be one of the most dangerous cyber threats facing organizations worldwide. Among the newer and more stealthy threats is HardBit 4.0 ransomware , an upgraded version of a malware family that has been active since 2022. HardBit 4.0 represents a significant evolution in ransomware design. Instead of relying on flashy data leaks or public shaming tactics, this ransomware focuses on quiet persistence, strong encryption, and advanced evasion techniques . Its ability to remain hidden while maintaining long-term access makes it especially dangerous for businesses and enterprises.   What Is HardBit 4.0? HardBit 4.0 is a file-encrypting ransomware operated by cybercriminals who primarily target poorly secured network services. Unlike many modern ransomware groups, HardBit actors do not operate a public leak site and do not focus on double extortion tactics. Their strategy is simple but effective: encrypt critical systems and dem...

A major security incident has shaken the JavaScript and open-source ecosystem. GitLab’s Vulnerability Research team recently uncovered a large-scale supply chain attack  targeting the npm package ecosystem  one of the most widely used software repositories in the world. This attack doesn’t just steal sensitive information. It carries something far more dangerous: a built-in “ Dead Man’s Switch ” designed to destroy user data if the attackers lose control. Below is a complete report explaining what happened, how the malware works, who is affected, indicators of compromise, and what organizations must do now. 1. Overview of the Attack The attack involves a dangerous and evolved malware variant known as Shai - Hulud . Attackers uploaded malicious npm packages that look legitimate on the surface. When a developer installs one of these packages, the malware silently activates and begins its multi-stage attack. The result is a widespread, self-spreading infection that compromises d...