Skip to main content

Tag: ransomware attacks

14 articles

Office worker sits at desk with laptop, showing subtle concern on face.

Ransomware Attacks Surge Through Compromised Logins

Ransomware attacks are surging, with a staggering 79% of incidents linked to compromised identities and legitimate user logins, making it the most common entry point for hackers. This marks a significant shift away from traditional software flaw exploitation, now accounting for just 18% of initial attacks.

Analyst 207
Rows of computer servers and storage equipment with warning lights on front panels in a brightly-lit data center.

Citrix Bleed 2 Exploit Fuels Ransomware Attacks

Ransomware attacks are on the rise, fueled by a new exploit that has already made a significant impact, and now a major software company has ordered its customers to take critical systems offline due to a credible security threat. Progress has urged customers to shut down vulnerable Windows servers to prevent potential breaches.

Analyst 207
Server room with equipment racks and monitors, a lone blank laptop screen in foreground.

Ransomware Operators Leverage AI for Autonomous Attacks

Meet JADEPUFFER, a pioneering threat actor that's harnessing AI to launch autonomous ransomware attacks - and adapting in real-time to get the job done. This groundbreaking tactic has been observed by researchers, who spotted JADEPUFFER's lightning-fast 31-second pivot from a failed login to a successful exploit.

Analyst 207
Person at desk looks concerned while staring at laptop in a brightly-lit office setting with blurred law enforcement logo…

Ransomware Attacks Targeted via Fake Interpol Emails

Beware of fake Interpol emails that could be ransomware traps! Cybercriminals are impersonating the law enforcement agency, sending unsolicited emails with suspicious links and password-protected files, trying to trick organizations into compromising their security.

Analyst 207
Empty hospital corridor with people in distance, blurred laptop screen on nearby desk, conveying concern and unease.

Ransomware Attacks Surge Across Europe

Ransomware attacks are surging across Europe, with a staggering 55.1% year-over-year increase in just the first four months of 2026, averaging 171 incidents per month. Five key countries - Germany, the UK, France, Italy, and Spain - are bearing the brunt, accounting for 70% of all recorded attacks.

Analyst 207
Modern office space with scattered papers and an open file cabinet, hinting at disruption.

Ransomware Attacks Shift to Data Theft Tactics

Ransomware attacks have taken a sinister turn, with a growing number of hackers ditching decryption keys and instead using stolen data to extort their victims. In fact, a recent report found that a whopping 87% of ransomware claims now involve data theft, with encryption becoming a thing of the past.

Analyst 207
Law enforcement officials stand in front of seized servers in a briefing room.

Law Enforcement Disrupts First VPN Service Tied to Ransomware Attacks

In a major cybercrime crackdown, law enforcement agencies have dismantled a notorious VPN service used by ransomware attackers, seizing 33 servers and taking its domains offline in a coordinated operation across 27 countries. The takedown of First VPN, a so-called "no-logs" provider, has dealt a significant blow to threat actors behind ransomware and data theft campaigns.

Analyst 207
Laptop screen displays Microsoft Teams meeting in modern office setting with blurred cityscape background.

MuddyWater Exploits Microsoft Teams in False Flag Ransomware Attacks

MuddyWater hackers are impersonating Chaos ransomware affiliates, using clever social engineering tactics via Microsoft Teams to steal credentials and gain access to sensitive systems. Their sophisticated campaign involves interactive screen-sharing and manipulation of multi-factor authentication.

Analyst 207
Formal courthouse or government building interior with subtle seal emblem.

Cybersecurity Experts Imprisoned for Ransomware Extortion Scheme

Two American cybersecurity experts, Ryan Goldberg and Kevin Martin, have been sentenced to prison for their roles in a brazen 2023 ransomware campaign that targeted companies across the United States. Their crimes have brought to light the severe consequences of cyberattacks and the importance of protecting businesses from such threats.

Analyst 207
Government building with tall windows, abstract seal, and blurred laptop in foreground.

US Sentences Two Cybersecurity Pros for BlackCat Ransomware Role

Two cybersecurity experts turned to a life of crime, using their specialized knowledge to extort victims through BlackCat ransomware attacks, and have been sentenced to four years in prison for their roles. Ryan Goldberg and Kevin Martin deployed the ransomware against multiple US victims between April and December 2023.

Analyst 207
Cracked laptop screen with eerie glow, snake-like cord morphing into menacing stone face.

Microsoft Uncovers Storm-1175's Medusa Ransomware Link

Microsoft just dropped a crucial report linking Storm-1175, a notorious threat actor, to high-velocity Medusa ransomware attacks that exploit flaws in networked systems. This newly uncovered connection raises the alarm for anyone building, defending, or relying on these systems to stay vigilant against Medusa ransomware attacks.

Analyst 207
China-Linked Storm-1175 Weaponizes Zero-Days to Fuel Medusa Ransomware Blitz

China-Linked Storm-1175 Weaponizes Zero-Days to Fuel Medusa Ransomware Blitz

Medusa ransomware attacks are happening at alarming speed, thanks to a China-linked threat actor called Storm-1175 that is exploiting a potent mix of zero-day and known vulnerabilities to rapidly infect exposed systems. This high-velocity campaign is a stark reminder of the evolving ransomware threat landscape.

Analyst 207
BKA Unmasks REvil Ransomware Leaders Behind 130 German Attacks

BKA Unmasks REvil Ransomware Leaders Behind 130 German Attacks

Germany's Federal Criminal Police Office has made a major breakthrough, unmasking the leaders behind the notorious REvil ransomware operation, responsible for 130 devastating attacks on companies, hospitals, and municipalities across the country. The culprits, once hidden behind aliases, have finally been exposed.

Analyst 207
Akira Ransomware Executes Attacks in Under 60 Minutes

Akira Ransomware Executes Attacks in Under 60 Minutes

Akira ransomware has become alarmingly efficient, capable of executing a full-scale attack in under 60 minutes - leaving organizations with an incredibly tight window to detect and respond to threats. This lightning-fast strike highlights the urgent need for robust security measures to counter the rapidly evolving ransomware landscape.

Analyst 207