TRU Security Acronis
Threat Research Unit (TRU) Acronis se zaměřuje na aktuální kybernetické hrozby, výzkum útoků a bezpečnostní trendy. Obsah tvoří detailní analýzy nových kampaní, upozornění na zranitelnosti a doporučení pro IT profesionály.
Acronis Threat Research Unit (TRU) has identified a targeted campaign distributing a trojanized version of the Red Alert rocket warning Android app to Israeli users via SMS messages impersonating official Home Front Command communications.
6. 3. 2026
Critical BeyondTrust pre‑auth RCE exploited in the wild, CISA demands immediate remediation, AI platforms like Copilot and Grok demonstrated as covert C2 proxies in new attack technique, and more. Here are the latest threats to MSP security.
2. 3. 2026
This report summarizes patch deployment behavior observed in Acronis telemetry during the second half of 2025. It focuses on patching for Microsoft and third-party applications, and on not whether patching can be done, but how fast patches are actually applied across all devices.
2. 3. 2026
Russian-linked threat actors actively exploit newly patched Microsoft office zero day in targeted attacks, Fintech giant Betterment reports major data exposure affecting 1.4 million users, and more. Here are the latest threats to MSP security.
23. 2. 2026
Over the past few weeks, OpenClaw has rapidly evolved from a niche open‑source project into one of the most widely discussed examples of agentic AI in practice. This combination of intelligence, autonomy and integration is precisely why OpenClaw has captured attention across developer and security communities. It is also why it has become a focal point for serious security concerns.
23. 2. 2026
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in January 2026 and reflect threats that Acronis detected, as well as news stories from the public domain.
18. 2. 2026
Acronis' Threat Research Unit (TRU) has uncovered a malware campaign, dubbed CRESCENTHARVEST, potentially targeting supporters of Iran's ongoing protests with the goal of information theft and long-term espionage.
17. 2. 2026
The Acronis Threat Research Unit (TRU) analyzed the latest version of LockBit ransomware (version 5), which targets Windows, Linux and ESXi systems, and shares some similarities with the previous version 4.
12. 2. 2026
Unsecured MongoDB databases remain easy targets for data exfiltration and extortion campaigns, ShinyHunters’ leak claims prompt Match Group to confirm limited data exposure event, and more. Here are the latest threats to MSP security.
11. 2. 2026
Operation Winter SHIELD is an FBI Cyber Division initiative that has distilled theoretical best practices into ten concrete actions designed to reduce the likelihood of system compromise when attackers strike, and limit damage when incidents occur by focusing on controls that matter most in practice, not on paper.
11. 2. 2026
Acronis Threat Research Unit (TRU) has been tracking Transparent Tribe, also known as APT36, and has uncovered a campaign that stands out for its use of startup-oriented, themed lure material delivered via an ISO container-based file.
4. 2. 2026
AI‑built VoidLink malware emerges with advanced loaders, rootkits and modular attack capabilities, Active attacks leverage telnetd authentication bypass flaw (CVE‑2026‑24061) to obtain instant root access, and more. Here are the latest threats to MSP security.
3. 2. 2026
Grubhub admits breach after hackers access internal systems and exfiltrate sensitive data, France’s Free Mobile hit with €42 million CNIL penalty for security failures in massive 2024 data breach, and more. Here are the latest threats to MSP security.
20. 1. 2026
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in December 2025 and reflect threats that Acronis detected, as well as news stories from the public domain.
16. 1. 2026
Acronis Threat Research Unit (TRU) observed a targeted malware campaign against U.S. government entities leveraging a politically themed ZIP archive containing a loader executable and a malicious DLL. The executable is used to sideload and execute the DLL, which functions as the primary backdoor, tracked as LOTUSLITE.
15. 1. 2026
ClickFix campaigns use fake BSOD screens to trick users into running malware, Newly disclosed Veeam issues highlight ongoing risks to backup infrastructure, and more. Here are the latest threats to MSP security.
12. 1. 2026
In a newly identified campaign, internally referred to as Boto Cor-de-Rosa, our researchers discovered that Astaroth now exploits WhatsApp Web as part of its propagation strategy.
8. 1. 2026
Fake KMSAuto activators spread malware tied to large-scale crypto losses, Zoom-themed browser extensions steal corporate meeting data at scale, and more. Here are the latest threats to MSP security.
5. 1. 2026
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in November 2025 and reflect threats that Acronis detected, as well as news stories from the public domain.
31. 12. 2025
Active exploitation of “MongoBleed” flaw exposes data from over 87,000 servers, Patch released for high-severity RCE issue in n8n workflows, and more. Here are the latest threats to MSP security.
29. 12. 2025
