Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Following the emergence of data-leak sites (DLSs) for Babuk Bjorka, GD LockerSec, and Morpheus in January 2025, a new extortion group called Kraken and its DLS has been observed in February. Read on to find out what Cyjax knows so far about this new threat group.

In today’s digital landscape, cyber threats are evolving at an unprecedented pace, growing more sophisticated and harder to detect. With each passing day, businesses and individuals alike find themselves navigating an increasingly complex threat environment. This complexity isn’t just about the number of attacks, it’s about their evolving tactics, the widening attack surface, and the sheer difficulty of distinguishing real threats from background noise.

Cyjax operates within the dark web and ‘hidden service’ spaces to ensure a rich and current intelligence picture for its clients, enabling them to understand the changing threat landscape and prepare for incoming attacks and mitigate existing ones. Predicting an attack can be difficult, but fun!

This report will provide an overview of the various extortion groups, hacktivists, and initial access brokers (IABs) targeting the Middle East throughout 2024 and highlight the relevant observed trends. Specifically, this report will look at incidents affecting Egypt, Iran, Iraq, Saudi Arabia, Yemen, Syria, Jordan, United Arab Emirates, Israel, Lebanon, Oman, Kuwait, Qatar, and Bahrain.

Following the emergence of data-leak sites (DLSs) for extortion group’s Morpheus and GD LockerSec in January 2025, Cyjax has discovered a DLS which claims that the infamous Babuk ransomware group has returned. Read on to find out what we know so far.

Ransomware is one of the most prominent cybersecurity threats today, often spreading via phishing emails, malicious links, infected attachments, or exploiting software vulnerabilities. It is a type of malware designed to block access to files, data, or entire systems until a ransom is paid, usually in cryptocurrency. Beyond the financial impact, ransomware causes operational disruption and long-term reputational damage. The frequency and scale of ransomware attacks have surged in recent years.

Following the emergence of data-leak sites (DLSs) for extortion group Morpheus earlier this year, Cyjax has discovered a DLS for a new extortion outfit going by the name GD LockerSec. Read on to find out what we know so far.

The threat landscape is evolving at an unprecedented rate, with organisations facing increasingly complex and malicious cyber threats. As cyber-attacks grow in frequency and sophistication, Cyber Threat Intelligence (CTI) has emerged as a critical focus for many organisations striving to counter these rising challenges effectively.

The global threat intelligence market size was valued at USD 5.80 billion in 2024. The market is projected to grow from USD 6.87 billion in 2025 to USD 24.05 billion by 2032, exhibiting a CAGR of 19.6% during the forecast period. This tremendous growth translates into an increase in both the supply and demand for skilled professionals in threat intelligence.

Defenders often discuss security vulnerabilities on GitHub, Stack overflow, X (formerly Twitter), and other platforms to share knowledge of these threats and ensure users know when patches are available. Cybercriminals have a similar process, choosing to share vulnerability news, exploit code, and engage in technical discussions on cybercriminal forums. However, in contrast to defenders, these threat actors share this knowledge for the purpose finding unpatched systems and exploiting them.