Archive for November 4, 2025

October 2025: Ransomware Attacks Rising 25%

Posted in Commentary on November 4, 2025 by itnerd

In a study published this morning, Comparitech found that ransomware attacks increased by 25 percent in October, rising to 684 from 546 in September. This is a significant increase in attacks and the third-highest monthly figure in 2025 so far.

Manufacturers continue to see the most attacks, accounting for nearly 19 percent of attacks in October, but attacks on the sector rose only 9% from September. In contrast, attacks on the healthcare sector rose significantly, jumping 115%. Other sectors that saw high increases were transportation (109%) and retail (104%).

Key findings for October include: 

  • 684 attacks in total — 47 confirmed attacks (confirmed by the entity involved)
  • Of the 47 confirmed attacks:
    • 27 were on businesses
    • 10 were on government entities
    • 3 were on healthcare companies
    • 7 were on educational institutions
  • Of the 637 unconfirmed attacks*:
    • 561 were on businesses
    • 14 were on government entities
    • 53 were on healthcare companies
    • 8 were on educational institutions
  • The most prolific ransomware gangs were Qilin (186), Akira and Sinobi (70 each), INC (32), Play (26), and DragonForce (20)
  • Qilin had the most confirmed attacks (10), followed by Clop (4) and RansomHouse (3)
  • Where hackers provided the data theft size (in 315 cases), over 162 TB of data was allegedly stolen, an average of 516 GB per breach
  • The US saw the most attacks (374), a 33 percent increase from September (282). Australia saw one of the biggest monthly increases in attacks (rising from four to 14), as did Japan (rising from three to 10)

For full details, including the most impacted sectors, the most active ransomware gangs, and the most targeted countries, the full October ransomware roundup can be read here: https://www.comparitech.com/news/ransomware-roundup-october-2025/

RapidFire AI Launches Open Source Package to Accelerate Agentic RAG and Context Engineering Success

Posted in Commentary on November 4, 2025 by itnerd

RapidFire AI today announced at Ray Summit 2025 RapidFire AI RAG, an open-source extension of its hyperparallel experimentation framework that brings dynamic control, real-time comparison, and automatic optimization to Retrieval-Augmented Generation (RAG) and context engineering workflows.

Agentic RAG pipelines that combine data retrieval with LLM reasoning and generation are now at the heart of enterprise AI applications. Yet, most teams still explore them sequentially: testing one chunking strategy, one retrieval scheme, or one prompt variant at a time. This leads to slow iteration, expensive token usage, and brittle outcomes.

Hyperparallel RAG Experimentation

RapidFire AI RAG applies the company’s hyperparallel execution engine to the full RAG stack, allowing users to launch and monitor multiple variations of data chunking, retrieval, reranking, prompting, and agentic workflow structure simultaneously, even on a single machine. Users see live performance metrics update shard-by-shard, can stop or clone runs mid-flight, and inject new variations without rebuilding or relaunching entire pipelines. Under the hood, RapidFire AI intelligently apportions token usage limits (for closed model APIs) and/or GPU resources (for self-hosted open models) across these configurations.

Dynamic Control and Automated Optimization

Beyond parallel exploration, RapidFire AI RAG introduces dynamic experiment control, a cockpit-style interface to steer runs in real time, and a forthcoming automation layer that supports AutoML algorithms and customizable automation templates beyond just grid search or random search to optimize holistically based on both time and cost constraints.

Maximal Generality and Open Integration

Unlike closed-system RAG builders tied to specific clouds or APIs, RapidFire AI RAG supports hybrid pipelines that mix self-hosted models and closed model APIs across embedding, retrieval, re-ranking, and generation steps. Users can run with OpenAI or Anthropic models, Hugging Face embedders, self-hosted rerankers, and any vector/SQL/full-text search backend, all within the same experiment workspace.

RapidFire AI’s technology is rooted in award-winning research by its Co-founder, Professor Arun Kumar, a faculty member in both the Department of Computer Science and Engineering and the Halicioglu Data Science Institute at the University of California, San Diego.

Availability

RapidFire AI RAG is available now as part of the company’s open-source release and installable via pip install rapidfireai.

To learn more, visit rapidfire.ai or explore the open-source repository on GitHub and the documentation site.

Palo Alto Report Outlines China’s Airstalk Supply-Chain Attack Campaign

Posted in Commentary on November 4, 2025 by itnerd

Palo Alto Networks has identified a new Chinese state-sponsored operation using a malware family called Airstalk to infiltrate business process outsourcing (BPO) providers as a conduit into their enterprise clients. The campaign leveraged PowerShell and .NET variants, abused AirWatch’s MDM API for covert C2, and used stolen signing certificates and timestamp manipulation to evade detection.

You can read Palo Alto’s report here: Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack

Tom Kellermann, VP of Cyber Risk for HITRUST, had this to say:

“The Airstalk campaign demonstrates China’s continued pivot toward deep supply-chain infiltration, targeting BPOs as operational beachheads to silently reach their clients’ networks. By abusing AirWatch’s MDM API and pairing PowerShell and .NET implants with stolen certificates and timestamp tampering, Chinese operators are weaponizing trusted enterprise mobility infrastructure as covert C2 channels. This is calculated espionage, not opportunism. BPOs are trust concentrators, and once breached, they provide a direct path into multiple U.S. corporate environments. We must elevate third-party security monitoring, particularly API abuse detection and certificate validation, or these persistent access campaigns will proliferate unchecked across the economy.”

This highlights the threats that a supply chain attack can pose. It also shows the lengths that an organization will go to in order to execute its plans. This attack is multi-layered, which makes it harder to defend against, but not impossible if you take a more holistic view of securing your organization.

Active Archive Alliance Releases Report on How Active Archives Unlock the Value of Data for Innovation and Discovery 

Posted in Commentary on November 4, 2025 by itnerd

The Active Archive Alliance today released a special report, “Preparing for Tomorrow’s Expanding Storage Challenge with Active Archive,” which showcases how active archives are solving data growth challenges and transforming data archives from passive repositories into active engines for innovation and discovery. It also highlights the need for new secondary storage tiers to address today’s data-driven applications.

Active archives enable reliable, online and cost-effective access to data throughout its life. They are compatible with flash, disk, tape, optical, cloud and emerging technologies, as well as file, block or object storage systems.

The report highlights applications and industries where active archives are ideal, including compliance and legal discovery, artificial intelligence (AI), machine learning, big data analytics, video surveillance, medical research and high-performance computing (HPC) environments. It also expands on key benefits of utilizing an active archive:

  • Sustainability: The growing demands of AI computing are pushing data centers and energy grids to their limits. By migrating low-activity or inactive data from HDDs to tape with an active archive, organizations can significantly reduce carbon emissions. 
  • Security: An active archive strengthens the protection of archival data by incorporating advanced features such as encryption, data immutability and an air gap, along with access and authentication controls.
  • Capacity and Performance: HDDs are widely used for storing massive datasets for AI training and inference, and they continue to increase capacity through innovations such as HAMR (Heat-Assisted Magnetic Recording), potentially enabling capacities to reach 50 TB per drive. At the same time, the LTO Ultrium roadmap calls for tape capacities to double with each new generation, with LTO-14 delivering up to 1,440 TB (1.44 PB) compressed per cartridge. HDDs and tape most often combine to host an active archive, offering features that boost both capacity and performance. 
  • Data Migration: An active archive for hybrid clouds is a modern data management solution that bridges on-premises and cloud environments, enabling seamless, long-term storage and access to archival data. Frequently accessed data can remain on premises or in high-performance cloud tiers, while less frequently accessed data is automatically moved to low-cost cloud storage.

The special report is a collaborative effort among the members of the Active Archive Alliance, who are bringing innovative technology solutions to the market to help meet the increased demand for effective data management. 

The full report is available here: Preparing for Tomorrow’s Expanding Storage Challenge with Active Archive.

Supporting Resources