Cybersecurity Reports
Browse Cybersecurity Reports articles and insights from the Phish Tank Digital cybersecurity marketing blog.
Byer-Nichols Threat Brief for June 16-30 2026
The second half of June stayed active without any dramatic shifts. SETTRA ransomware burst into the top five after listing 22 victims in a single week, while FortiBleed dominated vulnerability headlines as organizations continued responding to widespread exploitation. Technology climbed to the top victim sector, and large enterprises saw a sharp spike in targeting. U.S. organizations remained the most impacted, though victim disclosures spread across a broader range of countries this period.
Byer-Nichols Threat Brief for June 1-15 2026
Threat activity in early June picked up across the board, with DeadLock's sharp debut driving over a fifth of observed ransomware activity and mid-market organizations seeing a nearly 38% spike in targeting. Manufacturing held the top sector spot while retail surged to second. Shadow-Earth-066 emerged as the most concerning adversary with its rapid shift to automation-driven reconnaissance, and actively exploited vulnerabilities in WebLogic, Android, Cisco SD-WAN, and Check Point gateways kept defenders under pressure to patch fast.
Byer-Nichols Threat Brief for May 16-31 2026
Activity remained relatively routine overall, though a few ransomware groups saw notable movement. DragonForce returned to the top five most active ransomware operators after another surge in victim postings, continuing its pattern of alternating between quiet periods and sudden spikes in activity. RALord (Nova) also broke into the top five for the first time after posting an unusually high number of victims compared to its typical volume. On the vulnerability front, CISA added more than 15 new Known Exploited Vulnerabilities (KEVs), highlighting the continued pace at which actively exploited flaws are being identified and tracked.
Byer-Nichols Threat Brief for May 1-15 2026
The first half of May was relatively routine overall, with ransomware activity continuing to heavily impact small businesses, which accounted for 79.06% of.
Byer-Nichols Threat Brief for April 16-30 2026
Byer-Nichols Threat Brief for April 16-30, 2026. Qilin dominated ransomware at 23.10% while small businesses bore 71.12% of attacks across all sectors.
Byer-Nichols Threat Brief for April 1-15 2026
Threat activity intensified as APT36, Bearlyfy, Silver Fox, TA446, TeamPCP, and UNC1069 leaned into credential theft, social-engineering lures, and quiet.
Byer-Nichols Threat Brief for March 16-31 2026
Threat activity spiked as APT36, TA446, and UNC1069 leaned into credential theft and cloud-identity abuse, while Bearlyfy escalated politically driven.
Byer-Nichols Threat Brief for March 1-15 2026
Ransomware activity in early March 2026 remained fragmented, led by Qilin with continued pressure across manufacturing, technology, and construction sectors,.
Byer-Nichols Threat Brief for February 16-28 2026
Byer-Nichols Threat Brief for February 16-28, 2026. Ransomware remained fragmented, led by Qilin. Large enterprise victims rose to 16 this period.
Byer-Nichols Threat Brief for February 1-15 2026
In early February, APT activity leaned hard on cloud abuse, identity compromise, and long‑dwell access, with UNC3886 standing out for its persistence.
Byer-Nichols Threat Brief for January 16-31 2026
Ransomware stayed hot in late January, with Cl0p jumping to the top after its huge Cleo linked victim dump, while Qilin, Akira, Sinobi and The Gentlemen kept.
Byer-Nichols Threat Brief for January 1-15 2026
We open the new year with a Microsoft CVE dating back to 2009 finally being added to the CISA known exploited vulnerability catalog on the 7th of January.
Byer-Nichols Threat Brief for December 16-31 2025
Byer-Nichols Threat Brief for December 16-31, 2025. Vendor reports slowed as the year ended, but victim counts and actively exploited vulnerabilities persisted.
Byer-Nichols Threat Brief for December 1-15 2025
Byer-Nichols Threat Brief for December 1-15, 2025. LockBit resurfaced in the top 5, Coinbase Cartel elevated the UAE to a top target region.
Byer-Nichols Threat Brief for November 16-30 2025
Qilin leads ransomware activity this period, with CL0P and Akira close behind. Newer and mid-tier groups like Sinobi and DragonForce show rising impact.
Byer-Nichols Threat Brief for November 1-15 2025
One of the most concerning developments over this period has been the discovery of zero-click vulnerabilities in Samsung mobile devices, which have already.
Byer-Nichols Threat Brief for October 16-31 2025
The recent theft of source code from F5 has seen over a quarter of a million F5 BIG-IP instances exposed to potential remote attacks via the Internet, and in.
Byer-Nichols Threat Brief for October 1-15 2025
The emergence of the Scattered LAPSUS$ Hunters 'Trinity of Chaos' has made headlines in recent weeks with their daring extortion attempts of large enterprises.
Byer-Nichols Threat Brief Cybersecurity Data For September 16-30 2025
Of concern in this period is a rise in attacks against Cisco ASA and IOS XE devices, highlighting the exposure of critical network infrastructure.
Byer-Nichols Threat Brief Cybersecurity Data For September 1-15 2025
Of concern in this period is an increase in attackers compromising devices from vendors including SonicWall and especially TP-Link.
Byer-Nichols Threat Brief Cybersecurity Data For August 16-31 2025
Byer-Nichols Threat Brief for August 16-31, 2025. PromptLock malware leverages generative AI to analyze victim files and decide what to exfiltrate.
Byer-Nichols Threat Brief Cybersecurity Data For August 1-15 2025
Small businesses continue to dominate the ranks of breach victims at 84.25%. When we consider that small businesses represent about half of employment.
Byer-Nichols Threat Brief Cybersecurity Data For July 16-31 2025
Byer-Nichols Threat Brief for July 16-31, 2025. Qilin and INC ransomware dominated while Beast entered the top 5, representing 6.35% of attacks.
Byer-Nichols Threat Brief Cybersecurity Data For July 01-15 2025
July 2025 cyber threats: Qilin ransomware hit 16.3% of attacks, targeting small businesses (80.6%) in manufacturing & tech. U.S. most affected (49%).