Experts uncovered a new Osiris ransomware strain that used a custom POORTRY driver in a BYOVD attack to disable security tools & steal data in 2025.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

Osiris is a new ransomware strain discovered in November 2025 that targeted a Southeast Asian food service operator using a BYOVD (Bring Your Own Vulnerable Driver) attack with the POORTRY driver to disable security software. The ransomware uses hybrid encryption with unique keys per file and can terminate processes and services. Researchers found potential links to INC ransomware operators through shared tools and techniques. The attack involved data exfiltration to Wasabi cloud storage using Rclone, deployment of dual-use tools like Netscan and MeshAgent, and custom Rustdesk software. Ransomware attacks increased 0.8% in 2025 to 4,737 claimed incidents, with Akira, Qilin, and Play among the most active groups. The report also details recent developments including LockBit 5.0's two-stage deployment model, new RaaS operations like Sicarii, and various attack techniques exploiting RDP vulnerabilities.

New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack