[HIGH] | No patch available | Active credential abuse confirmed | Act on mitigations now

Organizations across Europe face a growing challenge: maintaining strong cybersecurity while meeting increasingly complex digital sovereignty requirements.

The Cybersecurity and Infrastructure Security Agency (CISA) recently published Binding Operational Directive 26-04. BOD 26-04 emphasizes the need for federal entities to identify vulnerabilities and prioritize deploying security updates; this ensures vulnerabilities are remediated through a structured, intentional program to mitigate significant risks of compromise. This directive specifically impacts units of federal (civilian) executive branch agencies accessing and/or operating corresponding federal civilian information systems. BOD 26-04 also impacts the systems managed by third parties, most notably FedRAMP providers and supporting agencies.

Here is a ransomware trend that is becoming more frequent in 2026: The same victim organizations are posted twice, under two different flags. This is occurring frequently enough that we stopped treating it as a curiosity and went looking for the why behind this trend. We expected one answer, but we found at least five.Our team discussed this increasing trend during our Ctrl-Alt-DECODE ep. 10 livestream and in our monthly Threat Debrief, which ranks the most active ransomware groups and recent ransomware news. Now, let's take an in-depth look.

Bitdefender recently rolled out new functionality in Bitdefender GravityZone, a unified cybersecurity platform that provides prevention, protection, detection, and response capabilities for organizations of all sizes. These features are consistent with our multi-layered security strategy and are intended to ease the workload of security analysts, administrators, and users.

Simple investigations are known for only starting out that way. They can quickly become a time-consuming and complicated process that requires finding connected data points across disconnected tools and workflows.This slows investigations, increases the amount of manual analysis required during triage and response, and makes it harder for teams to confidently prioritize what matters most.What teams need is fast and rich threat context that helps them investigate threats more efficiently to improve detection quality and reduce the time spent validating indicators manually. The ability to quickly understand whether activity is suspicious, connected to known threats, or part of a larger attack makes a significant difference during investigations.Bitdefender Threat Intelligence Solutions rapidly provides enriched threat data and contextual insights, leveraging insights from the more than 50 billion queries the company processes each day, discovering more than 1,000 new cyberthreats each minute. These solutions also provide flexible integrations to support modern security operations and help teams work more efficiently within their existing environments.

Why Are Leading Ransomware Groups Claiming the Same Victims?

Many organizations are rethinking how they approach endpoint security. And this time, they’re looking to simplify things rather than add more tools. The goal is to reduce complexity and risk, lower costs, and stop attacks earlier in their lifecycle.

Bitdefender Recognized for a Fourth Consecutive Year for Its Ability to Execute and Completeness of Vision Cybersecurity is undergoing a fundamental shift. Organizations are no longer focused solely on detecting threats after compromise. Increasingly, they are prioritizing proactive risk reduction, operational resilience, and integrated security platforms that simplify operations while strengthening outcomes.

Cybersecurity teams are facing a difficult reality: attacks are evolving faster than many organizations can adapt.

As exclusive cybersecurity partner of Scuderia Ferrari HP, Bitdefender supports Ferrari in strengthening its cybersecurity posture through the deployment of the GravityZone platform across its infrastructure.

Email is the front door to your customers’ environments.

Bitdefender GravityZone Business Security Enterprise recorded 100% relevant telemetry across all 14 attack steps during our inaugural participation in AV-Comparatives’ EDR Detection Validation Certification Test, published May 2026. Bitdefender was the only certified product to achieve complete chain-of-attack visibility.

I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report.

In a crowded cybersecurity market, recognition matters, but only when it reflects real-world impact.

KryBit Ransomware Strikes Back, Exposing 0APT

[CRITICAL] | Active extortion campaign | Exposure window closed | Credential rotation and phishing defense required

Bitdefender rolled out new functionality in Bitdefender GravityZone, a unified cybersecurity platform that provides prevention, protection, detection, and response capabilities for organizations of all sizes. These features are consistent with our multi-layered security strategy and are intended to ease the workload of security analysts, administrators, and users.

How are organizations using the Bitdefender GravityZone Endpoint Protection Platform (EPP) to reduce risk? Verified customers answer this question in the paragraphs below.

As Linux dominates cloud-native infrastructure and macOS becomes the standard for high-value targets in development and executive leadership, the attack surface is no longer Windows-centric. Modern attack playbooks weaponize Living off the Land (LOTL) binaries–pre-installed, legitimate system tools–to blend malicious activity with normal operations and bypass standard detection telemetry.