Each week, FortiGuard Labs publishes a weekly Threat Brief discussing memorable threat activity during the week. Here is a recap of what we cover in this week's Threat Brief:

• Attacks against the BlueKeep vulnerability have started. Fortunately, these attacks are not deemed wormable, at least yet, but they instead exploit the BlueKeep vulnerability to simply install cryptocurrency mining malware on infected systems.

• Our FortiGuard Labs researchers have been assessing web applications with embedded Scalable Vector Graphics (SVG) images. While SVG provides flexibility that enables the creation of more dynamic web content, it also introduces additional security risks. We discuss common SVG attack vectors.

• A popular Android keyboard app, Ai.type, was removed from Google Play earlier this year, once it was deemed malicious, but not before it had been downloaded on 40 million devices. The app makes suspicious requests that trigger the purchase of premium digital services.

• We don’t often see large-scale spamming campaigns as they are difficult to get past anti-spam technologies. But this week there were two with emails written in German each using Excel attachments.

• We also discuss a new Buran ransomware variant which uses the ransomware-as-a-service model. This variant is delivered by the RIG Exploit Kit. There are strong indicators that the developers behind Buran are located in Russia.

You can find more details about these and other cyber threat concerns in the FortiGuard Labs Weekly Threat Intelligence Brief. Read this week's issue and subscribe to the weekly email distribution.