Tag: ransomware as a service
25 articles

The Gentlemen Ransomware Expands Reach with Lucrative Affiliate Model
Meet The Gentlemen, a ransomware group that's rapidly risen to notoriety with a game-changing affiliate model that dishes out a whopping 90% payout to its partners. This lucrative approach has helped them scale from a small operation to one of 2026's most active ransomware-as-a-service programs in record time.

Ransomware Gang Exploits Supply Chain Attacks in New Partnership
Ransomware gangs are now operating like businesses, forming partnerships to supercharge their attacks - and a new alliance between Vect and TeamPCP is a prime example, combining massive credential theft with devastating ransomware-as-a-service operations. This unprecedented pairing puts organizations directly in the crosshairs.

The Gentlemen Ransomware Gang Exposes Advanced Tactics
Meet The Gentlemen, a notorious ransomware gang that's made a name for itself with sophisticated tactics, ranking among the top 10 ransomware actors in just a few months. Since February 2026, they've been wreaking havoc across industries and geographies, with a strong presence in Brazil, China, Indonesia, Taiwan, and Thailand.

INC Ransomware Targets 830+ Victims, Expands as Major RaaS Threat
The INC ransomware group has rapidly grown into a major threat, claiming over 830 victims since August 2023, with US organizations making up more than 65% of those affected. Sectors such as legal services, manufacturing, and healthcare are among the most targeted, as INC expands its reach as a prominent Ransomware as a Service (RaaS) operation.

Ransomware Attacks Shift to Data Theft Tactics
Ransomware attacks have taken a sinister turn, with a growing number of hackers ditching decryption keys and instead using stolen data to extort their victims. In fact, a recent report found that a whopping 87% of ransomware claims now involve data theft, with encryption becoming a thing of the past.

Ransomware Gang 'The Gentlemen' Traced to Suspected Russian Operator
Meet The Gentlemen, a notorious ransomware gang that's rapidly growing in power thanks to its unusually generous 90/10 affiliate revenue split, outshining the industry standard 80/20 and attracting top talent from rival groups. This bold move has catapulted them to become the second most active ransomware group, with over 332 reported victims since mid-2025.

Gentlemen Ransomware Spreads Rapidly Through Affiliate Network
Gentlemen Ransomware is spreading rapidly through its affiliate network, fueling a surge in multi-platform attacks and infections linked to the malicious tool SystemBC. This ransomware-as-a-service operation is making it alarmingly easy for cybercriminals to join the fray and wreak havoc.

Anubis Ransomware Gang Targets Signature Healthcare in 2TB Data Heist
In a chilling 2TB data heist, the Anubis ransomware gang has struck Signature Healthcare in Massachusetts, stealing sensitive patient information despite claiming they didn't encrypt the hospital's systems. As the healthcare system scrambles to cope, patients are feeling the impact, with ambulance patients being diverted and clinicians forced to go old-school with paper records.

Ransomware Evolves with AI-Fueled Mutation Tactics
The game-changing threat of AI-fueled ransomware is here: hackers can now wield polymorphic malware that mutates on the fly, making it exponentially harder to detect and stop. This emerging menace is made possible by ransomware-as-a-service platforms supercharged with artificial intelligence.

BKA Unmasks REvil Ransomware Leaders Behind 130 German Attacks
Germany's Federal Criminal Police Office has made a major breakthrough, unmasking the leaders behind the notorious REvil ransomware operation, responsible for 130 devastating attacks on companies, hospitals, and municipalities across the country. The culprits, once hidden behind aliases, have finally been exposed.

Akira Ransomware Executes Attacks in Under 60 Minutes
Akira ransomware has become alarmingly efficient, capable of executing a full-scale attack in under 60 minutes - leaving organizations with an incredibly tight window to detect and respond to threats. This lightning-fast strike highlights the urgent need for robust security measures to counter the rapidly evolving ransomware landscape.

University of Mississippi Medical Center Offline: Shocking
When a ransomware attack knocked the University of Mississippi Medical Center offline, clinicians were reduced to paper charts and radios while appointments and critical systems stalled. Its a stark reminder that cybercrime now threatens not just data and dollars, but patient care and safety.

Ransomware Exclusive: Stunning Worst Surge of 2025
Think ransomware was fading? The 2025 ransomware surge proves otherwise—smarter, faster attacks (retail incidents jumped 58% in Q2) are crippling stores, exposing data and stretching insurers and regulators to the breaking point.

Security Leaders Exclusive: Alarming Marquis Breach Insight
The Marquis data breach forces a simple but urgent question: when a trusted provider is compromised, who pays — the vendor, its customers, or the wider ecosystem? With attackers evolving faster than defenders, security leaders say it’s time to rethink third‑party and supply‑chain risk.

Cyber-Insurance Payouts Soar 230% UK Stunning Costly Spike
Think cyber insurance is a safety net? With UK payouts up 230% in 2024, rising ransoms and recovery bills are forcing businesses and regulators to rethink who will shoulder the real cost of cyber attacks.

Qilin Ransomware Exclusive: Damaging Surge Hits Small Firms
Qilin ransomware has evolved into a commercialized threat that turns simple security lapses—phishing, weak credentials or exposed remote access—into crippling double‑extortion attacks on small and mid-sized firms. With affiliates and leak sites amplifying its reach, now’s the time for SMBs to shore up the basics before opportunistic criminals profit.

DragonForce Cartel Exclusive Deadly Conti Ransomware Threat
Get an exclusive look at how the DragonForce Cartel is unleashing the deadly Conti Ransomware—and learn who’s at risk and simple steps you can take to protect yourself.

Conti Suspect Shocking Court Debut Shows Damaging Leads
A Ukrainian national’s U.S. court debut in a Conti-related ransomware case pulled back the curtain on how cybercrime now moves like commerce—crossing borders, inflicting massive economic harm, and leaving a trail of damaging leads. The indictment is just the opening move in a complex fight to hold this near‑industrial extortion trade to account.

Leak Site Ransomware Victims: Alarming 13% Spike Exclusive
Wake-up call: ransomware victims in Europe surged 13% year‑on‑year as criminals adopt stealthy, profit-driven tactics—RATs, data theft and public leak sites—to extract bigger payoffs. Businesses, governments and households need to rethink defenses now before they become the next target.

Qilin Ransomware Exclusive: Alarming 40+ Cases Monthly
Qilin ransomware is surging — over 40 incidents monthly — using double‑extortion leak sites that weaponize stolen files into lasting reputational damage. Is your organization prepared to respond beyond just restoring backups?

Collaboration and AI: Stunning Best Defense for Agencies
Collaboration and AI are becoming the winning lifeline for federal agencies facing smarter, faster cyberattacks. By pairing shared threat intelligence with machine-speed detection and response, agencies can turn fragmented defenses into proactive, resilient security.

Security Leaders: Exclusive, Alarming Threat Evolution
Security leaders face an urgent choice: overhaul defenses now or accept a rising tide of risk. Threat evolution has accelerated — commodified crimeware, AI-driven automation and sprawling attack surfaces mean attackers are moving faster than most organizations can respond.

60% of Security Leaders: Stunning, Critical Threat Shift
Sixty percent of security leaders warn that threat actors are evolving too quickly for organizations to keep up. Commodified cybercrime, automation and an expanding attack surface are squeezing defenders’ time to detect, respond and contain — and the consequences are real.

LockBit Exclusive: Critical New Victims Revealed
LockBit keeps changing its playbook—September telemetry uncovered roughly a dozen incidents, about half tied to a new strain that can hit Windows, Linux and hypervisors. That cross‑platform reach broadens the blast radius from a single breach and forces defenders to rethink old assumptions.