Researchers at Sophos describe a new strain of the Snatch ransomware that automatically reboots Windows machines into Safe Mode before encrypting the hard drive, which allows it to avoid detection by antivirus programs. Sophos says that "the severity of the risk posed by ransomware which runs in Safe Mode cannot be overstated." The attackers use brute force attacks to break into organizations, and then manually spread laterally throughout the network.
Netskope published research on a family of adware called "Lnkr." Lnkr is a JavaScript ad injector that's most commonly distributed via malicious browser extensions, particularly in Chrome. Once it's installed, it will inject ads into all of the victim's web traffic. To get rid of Lnkr, Netskope recommends uninstalling all Chrome extensions and then removing and reinstalling Chrome itself. If this doesn't fix the issue, then it's likely that the system was infected with another type of malware that delivered the adware.