In May 2025, a financial institution in Asia was targeted by Fog ransomware, marking a significant shift in attack tactics. Unusually, the attackers deployed legitimate employee monitoring software, Syteca (formerly Ekran), and several open-source pentesting tools, including GC2, Adaptix, and Stowaway—tools not typically associated with ransomware attacks....