🔒Security Alert3 min read

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Hackers exploit AI tools, adopt new tactics, and target vulnerabilities, as the US government emphasizes offensive operations and deregulation in its cybersecurity strategy.

Next reporting paths

Choose the next useful branch

Move from this briefing into a fast answer, a wider context trail, or the deeper guided workspace without losing the thread.

Branch map

From this briefing to the next useful reporting move

SSR · qwikr-flow
Summarized from 5 sources

By Emergent News Desk

Sunday, March 8, 2026

𝕏 f in
Termite ransomware breaches linked to ClickFix CastleRAT attacks

Unsplash

Hackers exploit AI tools, adopt new tactics, and target vulnerabilities, as the US government emphasizes offensive operations and deregulation in its cybersecurity strategy.

What Happened

In a recent surge of cyberattacks, ransomware threat actors tracked as Velvet Tempest have been using the ClickFix technique and legitimate Windows utilities to deploy malware and backdoors. This group, also known as DEV-0504, has been involved in devastating ransomware attacks for at least five years, including the deployment of Ryuk, REvil, Conti, BlackMatter, and LockBit strains.

Meanwhile, Microsoft has reported that hackers are increasingly abusing artificial intelligence (AI) in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects of a cyberattack. AI is being used for reconnaissance, phishing, infrastructure development, malware creation, and post-compromise activity.

Why It Matters

The escalating use of AI in cyberattacks highlights the need for organizations to adopt more sophisticated security measures. The US government's new cybersecurity strategy, which emphasizes offensive operations and deregulation, has sparked debate among experts. While some argue that this approach will help disrupt adversaries, others raise concerns about the potential risks and unintended consequences.

What Experts Say

> "By moving the usual 'deterrence' part to the top and focusing on offense, which is usually only lightly referred to in past unclassified strategies, the administration has greatly emphasized that pillar, which will clearly get it the most attention in the short term." — Ari Schwartz, managing director of cybersecurity services and policy at Venable LLP

Key Facts

  • Who: Velvet Tempest (DEV-0504) ransomware group
  • What: Using ClickFix technique and AI-driven attacks
  • When: Observed between February 3 and 16
  • Where: Targeted a non-profit organization in the US
  • Impact: Deployed malware and backdoors, highlighting the need for advanced security measures

New Tactics and Techniques

Threat actors are continuously evolving their tactics to evade detection. In a recent campaign, ClickFix attackers used a new tactic to trick employees into installing malware. Instead of asking victims to copy and paste a malicious command into the Run dialog, they prompted them to use the Windows + X → I shortcut to launch Windows Terminal (wt.exe) directly. This tactic evades defenses looking for unusual run commands and bypasses security awareness training.

The Role of AI in Cybersecurity

As AI becomes increasingly prevalent in cyberattacks, organizations must adopt AI-native security solutions to stay ahead of the threats. Cylake's platform, for example, analyzes security data locally and identifies potential attacks without relying on cloud services.

What Comes Next

As the cybersecurity landscape continues to evolve, organizations must prioritize advanced security measures, including AI-native solutions, to protect against increasingly sophisticated threats. The US government's new cybersecurity strategy will likely have significant implications for the industry, and experts will be watching closely to see how it plays out.

Fact-checked Real-time synthesis Bias-reduced

This article was synthesized by Fulqrum AI from 5 trusted sources, combining multiple perspectives into a comprehensive summary. All source references are listed below.

Coverage at a Glance

5 sources

Compare coverage, inspect perspective spread, and open primary references side by side.

Linked Sources

4

Distinct Outlets

2

Viewpoint Center

Not enough mapped outlets

Outlet Diversity

Very Narrow
0 sources with viewpoint mapping 0 higher-credibility sources 1 reference without direct URL
Coverage is still narrow. Treat this as an early map and cross-check additional primary reporting.

Coverage Gaps to Watch

  • Thin mapped perspectives

    Most sources do not have mapped perspective data yet, so viewpoint spread is still uncertain.

  • No high-credibility anchors

    No source in this set reaches the high-credibility threshold. Cross-check with stronger primary reporting.

Read Across More Angles

Check the live asymmetry watch

Frontier can tell you whether this story’s lane is thin, transport-monoculture, or missing stronger anchors right now.

Open frontier →

Audit how this story fits your mix

Reader Lens now tracks source-dossier and lane visits, so you can see whether this story expands your overall reading behavior or reinforces a rut.

Open Reader Lens →

Source-by-Source View

Search by outlet or domain, then filter by credibility, viewpoint mapping, or the most-cited lane.

Showing 4 of 4 cited sources with links.

1 citation-only reference will appear once direct links are available.

Unmapped Perspective (4)

bleepingcomputer.com

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Open

bleepingcomputer.com

Unmapped bias Credibility unknown Dossier
bleepingcomputer.com

Microsoft: Hackers abusing AI at every stage of cyberattacks

Open

bleepingcomputer.com

Unmapped bias Credibility unknown Dossier
csoonline.com

Trump’s cyber strategy emphasizes offensive operations, deregulation, AI

Open

csoonline.com

Unmapped bias Credibility unknown Dossier
csoonline.com

ClickFix attackers using new tactic to evade detection, says Microsoft

Open

csoonline.com

Unmapped bias Credibility unknown Dossier

Emergent News aggregates and curates content from trusted sources to help you understand reality clearly.

Powered by Fulqrum , an AI-powered autonomous news platform.

Get the latest news

Join thousands of readers who trust Emergent News.

More on Security Alert

Healthcare tech firm CareCloud says hackers stole patient data

Critical Flaws Exposed in Multiple Systems

Are Your Cloud Security Defenses Wide Open to Attack?

Are AI Pipelines Secure Enough?

Cybersecurity Under Siege: Hacks and Vulnerabilities Expose Data Risks

File read flaw in Smart Slider plugin impacts 500K WordPress sites

View all Security Alert articles

More from Emergent News

Bitcoin Market Sees Volatility as Institutions Buy the Dip and Retail Interest Surges Unsplash
news 3 min
Bitcoin Market Sees Volatility as Institutions Buy the Dip and Retail Interest Surges

The bitcoin price has rebounded above $71,000 after a sharp sell-off, with institutions buying the dip and retail interest surging. The market has seen significant volatility, with a CME gap remaining open and a Bithumb blunder sending $44 billion to users. Meanwhile, tokenized equities are approaching $1 billion in value, and broad-based bitcoin accumulation has emerged after a sharp capitulation.

Feb 8 Read more
Trump's Housing Plan Sparks Generational War, While AI and Technology Advance in Various Fields Unsplash
news 3 min
Trump's Housing Plan Sparks Generational War, While AI and Technology Advance in Various Fields

President Trump's plan to keep home prices high may bolster his standing with older voters but risks alienating younger generations. Meanwhile, technology is advancing in various fields, from AI-powered tools to combat wildlife trafficking to visual AI enhancing the Super Bowl experience.

Feb 8 Read more
The Future of AI: Merging Power, Ethics, and Innovation Unsplash
news 3 min
The Future of AI: Merging Power, Ethics, and Innovation

As Elon Musk rewrites the rules on founder power, the AI community is abuzz with the potential of large language models and their applications. However, with great power comes great responsibility, and experts are calling for a shift from guardrails to governance in securing agentic systems. Meanwhile, the truth crisis surrounding AI-generated content continues to unfold.

Feb 6 Read more
Unraveling the Mysteries of Life: Breakthroughs in DNA, Evolution, and Consciousness Unsplash
news 3 min
Unraveling the Mysteries of Life: Breakthroughs in DNA, Evolution, and Consciousness

Recent discoveries in genetics, evolution, and consciousness are revolutionizing our understanding of life on Earth. From the hidden world inside DNA to the surprising origins of dogs and whales, scientists are uncovering the secrets of our planet's history and the intricate web of relationships between species.

Jan 9 Read more
A World in Flux: Environmental Concerns, Technological Advancements, and Societal Impacts Unsplash
news 3 min
A World in Flux: Environmental Concerns, Technological Advancements, and Societal Impacts

From the worsening air quality in Delhi to the latest breakthroughs in gene editing, our world is facing numerous challenges and opportunities. This article delves into the intersection of environmental concerns, technological advancements, and their impacts on society, exploring the complexities and potential solutions.

Jan 6 Read more
Streaming Services Drive Asia-Pacific Video Revenue Growth Amid Traditional TV Decline Unsplash
news 3 min
Streaming Services Drive Asia-Pacific Video Revenue Growth Amid Traditional TV Decline

The Asia-Pacific region is expected to see significant growth in video revenue, driven by streaming services and social video platforms, while traditional television continues to decline. Meanwhile, the entertainment industry is abuzz with news of TV show renewals and cancellations, music booking changes, and celebrity feuds.

Jan 6 Read more
← Back to Homepage
← Back to Security Alert