
 Cybersecurity Today
 Cybersecurity Today Lockbit Is Back
 Sep 29, 2025 
 In this discussion, Lockbit 5.0 ransomware is revealed as a formidable new threat capable of simultaneous attacks on multiple platforms. A critical vulnerability in Salesforce's AI agents allows malicious prompts that can compromise sensitive data. The conversation also highlights the impressive advancements of China's Ministry of State Security under Xi Jinping, posing increased risks to Western security. Additional insights point to operational vulnerabilities in the U.S. that may have amplified these risks, underscoring the urgent need for enhanced cybersecurity measures. 
 AI Snips 
 Chapters 
 Transcript 
 Episode notes 
LockBit Targets Entire Enterprise Stacks
- LockBit 5.0 can attack Windows, Linux, and VMware ESXi in a single campaign, expanding impact across entire enterprise stacks.
- Re-engineering, speed, and ESXi backup targeting make it far more dangerous than prior variants.
In-Memory Loads And Speed Are Weapons
- The Windows build uses DLL reflection to load malicious code directly into memory, evading anti-malware detection.
- Faster encryption shrinks detection and response windows, turning speed into a tactical weapon.
Prepare For Revived Affiliate Campaigns
- Monitor affiliate programs and hardened platforms to detect reactivated ransomware frameworks early.
- Prepare incident response for rapid, multi-platform encryption and compromised backups.
