Bumblebee Loader is a replacement for BazarLoader, which is used by Conti group to deliver ransomware. The Bumblebee infection starts through spam email. This email contains a link to further download an ISO file.
Goodwill ransomware encrypts it victim data and then requires them to show kindness to strangers and confirm this with a message on social networks, as well as record a video in order to be able to return their files.
Yashma Ransomware is the paid version of Chaos Ransomware. It demands a ransom of 300 euros worth of BTC.
Kekpop Ransomware encrypts user data using a combination of AES+RSA algorithms and then demands a ransom of $500 in BTC to get the files back.
BPFDoor is a highly evasive surveillance tool using the Berkeley Packet Filter (BPF). It is allegedly attributed to Chinese threat actors. It is assumed to be deployed on thousands of Linux systems, its controller has gone almost completely unnoticed by endpoint protection vendors despite it being in use for at least five years.