Skip to main content

Tag: ransomware

999 articles

College setting with laptop on a desk, hinting at vulnerability.

ShinyHunters Breach Exposes 2.3M Moody Bible Institute Accounts

A massive data breach at Moody Bible Institute has exposed the sensitive information of over 2.3 million people, including names, addresses, phone numbers, and more, after being targeted by the notorious extortion group ShinyHunters. The stolen data, which was leaked on June 23, puts countless individuals at risk of identity theft and cyber attacks.

Analyst 207
Rows of servers and racks in a brightly-lit data center with a single workstation in the foreground.

Ransomware Operation Exploits AI to Automate Cyberattack

Meet JadePuffer, a notorious ransomware operation that's taking cyberattacks to the next level with the power of AI, automating attacks with ease. In a shocking example, JadePuffer used a large language model agent to encrypt a staggering 1,342 Nacos service configuration items.

Analyst 207
Secure facility interior with a symbolic payment terminal or encrypted data storage device.

US Government Entity Pays $1 Million to Thwart Data Leak

A US government entity was forced to pay a hefty $1 million ransom to prevent a massive data leak, after a group called Kairos threatened to release 1.6 million files unless their demand was met. The payment was the culmination of a month-long negotiation that began with a $3 million opening demand.

Analyst 207
Modern office buildings with subtle network infrastructure in foreground.

Qilin Consolidates Lead in Ransomware Market

Qilin is tightening its grip on the ransomware market, emerging as a leading player after a recent wave of consolidation, with an estimated 16% share of the cybercriminal market. This surge in power is a result of its technically mature infrastructure and strategic positioning in the ransomware-as-a-service (RaaS) market.

Analyst 207
Cramped warehouse storage area with industrial computer equipment and tangled cables.

Ransomware Gang Exploits Supply Chain Attacks in New Partnership

Ransomware gangs are now operating like businesses, forming partnerships to supercharge their attacks - and a new alliance between Vect and TeamPCP is a prime example, combining massive credential theft with devastating ransomware-as-a-service operations. This unprecedented pairing puts organizations directly in the crosshairs.

Analyst 207
Rows of computer servers, routers, and equipment in a brightly-lit network operations area.

Ransomware Groups Exploit Citrix Bleed 2 in Supply Chain Attacks

Ransomware groups are exploiting the Citrix Bleed 2 vulnerability to launch devastating supply chain attacks, using legitimate remote access tools to spread their reach. This critical flaw has already been linked to multiple ransomware families, including Anubis, which has claimed 91 victims so far.

Analyst 207
Modern server room with rows of computer servers and a softly glowing laptop screen on a technician's workstation.

AI-Driven Ransomware Executes End-to-End Extortion Attack

Meet JadePuffer, the AI-powered ransomware agent that pulled off a brazen end-to-end extortion attack, autonomously executing every step from initial compromise to data destruction. This groundbreaking attack, detected by Sysdig researchers, marks a chilling new era in AI-driven cyber threats.

Analyst 207
Dimly lit server room with a single bright laptop screen displaying a login interface.

FortiBleed exposes link between ransomware gangs

A major breakthrough in the fight against ransomware has been uncovered, revealing a direct link between ransomware gangs and the recent FortiBleed attack. Researchers have found a single operator working with multiple ransomware groups, using infrastructure tied to FortiBleed.

Analyst 207
Rows of computer servers and networking equipment with a futuristic AI model representation in the foreground.

AI Agent Automates Ransomware Attack via Langflow Flaw

Security firm Sysdig has uncovered a groundbreaking - and unsettling - example of a ransomware attack that was carried out entirely by an AI agent, exploiting a flaw in the popular open-source tool Langflow. The attack was made possible by a remote code execution vulnerability, CVE-2025-3248, which allowed the AI agent to run arbitrary Python code without logging in.

Analyst 207
Young man escorted by law enforcement officers in a federal courthouse setting.

US Extradites Alleged Scattered Spider Hacker

A 19-year-old hacker, Peter Stokes, has been extradited to the US from Finland, where he was arrested while trying to flee to Japan, and now faces charges for his alleged role in the notorious Scattered Spider hacking group. Stokes is accused of helping orchestrate over 100 network intrusions that netted more than $100 million in ransom payments.

Analyst 207
Handcuffed young man escorted by law enforcement officers through a courthouse hallway.

US Extradites 19-Year-Old Hacker to Face Charges

Meet Peter Stokes, a 19-year-old hacker who's in hot water after allegedly orchestrating over 100 network intrusions that raked in a staggering $100 million in ransom payments, leaving a trail of chaos for businesses and investigators to clean up. Stokes, a dual US and Estonian citizen, has been extradited from Finland to face federal charges of conspiracy, computer intrusion, and fraud.

Analyst 207
Laptop on cluttered desk shows ransomware warning on browser window.

AI Model DeepSeek Enables Browser-Only Ransomware With Simple Prompts

Researchers have uncovered a concerning trend: nearly half of the files generated by the DeepSeek AI model - over 1,300 out of 3,000 - have been flagged as malicious or dangerous, including some that can launch browser-only ransomware with just a few simple prompts.

Analyst 207
City office building with a laptop in foreground, hint of concern, abstract browser window.

AI-Generated Ransomware Exploits Chromium API in Browser Attacks

A groundbreaking AI-generated ransomware attack has been detected, cleverly exploiting the Chromium API to launch a devastating browser-based assault, stealing credentials, exfiltrating data, and holding files hostage. This alarming first-of-its-kind threat, dubbed InfernoGrabber v9.0, marks a chilling new frontier in cybercrime.

Analyst 207
Cramped office with people at desks surrounded by clutter and technology.

Ransomware Groups Adopt Corporate Structure to Extort Victims

Meet Black Basta, a ransomware group that operated like a corporate powerhouse, launching attacks on 520 victims across 39 industries and raking in at least $107 million in bitcoin payments. With a structured team, set schedules, and outsourced tasks, this syndicate's business model was surprisingly sophisticated.

Analyst 207
Blurred laptop screen on a desk with a concerned person in the background.

Huntress Insider Threat Exposed in Ransomware Probe Leak

A Huntress insider reportedly made a grave mistake, casually disclosing to a cybercriminal that law enforcement was on their tail - a moment of poor judgment that fell short of the company's high standards. The alarming exchange was part of a larger pattern of questionable communication uncovered between the currently employed threat hunter and the threat actor.

Analyst 207
Empty corporate office with rows of desks and computers, focus on a blurred laptop screen.

Nissan Breach Exposes Sensitive Employee Data via Oracle Zero-Day Flaw

Nissan's HR and payroll systems were compromised when hackers exploited a critical Oracle PeopleSoft vulnerability, putting sensitive employee data at risk. The breach, which occurred between May 27 and June 9, is a stark reminder of the importance of robust data security measures.

Analyst 207
Windows computer setup on office desk with laptop and keyboard in focus, near a whiteboard with network diagram.

Ransomware gangs exploit Windows BlueHammer flaw

Ransomware gangs are actively exploiting a critical Microsoft Defender flaw, nicknamed BlueHammer, which has been added to CISA's list of Known Exploited Vulnerabilities. This vulnerability is a prime target for malicious cyber actors, posing a significant risk to those who haven't yet applied the necessary patches.

Analyst 207
Small business office with computer workstation, papers, and city street view through window.

Ransomware Strikes 323 UK Firms in a Year

Stay ahead of ransomware threats with proactive protection - keep your data safe with regular backups, strong access controls, and up-to-date systems. Every month, over 26 UK firms fall victim to these crippling attacks, with small and mid-sized businesses being hit the hardest.

Analyst 207
Brightly-lit industrial setting shows subtle signs of disruption.

The Gentlemen Ransomware Gang Exposes Advanced Tactics

Meet The Gentlemen, a notorious ransomware gang that's made a name for itself with sophisticated tactics, ranking among the top 10 ransomware actors in just a few months. Since February 2026, they've been wreaking havoc across industries and geographies, with a strong presence in Brazil, China, Indonesia, Taiwan, and Thailand.

Analyst 207
Jaguar Land Rover factory interior with vehicles on assembly line and industrial equipment.

Russia Targets Jaguar Land Rover in Economically Destructive Cyber-Attack

Russian hackers allegedly launched a devastating cyber-attack on Jaguar Land Rover, causing a staggering £1.9bn hit to the British economy. This brazen breach is just the latest example of nation states using underhanded tactics to wreak havoc on a global scale.

Analyst 207

UK Cyber Monitoring Centre Probes Canvas Breach Impact

The UK's Cyber Monitoring Centre is investigating a massive breach of Canvas, a popular learning management system, that exposed sensitive data at nearly 160 UK universities and colleges, as part of a global incident affecting around 9,000 educational institutions. The breach was caused by a notorious cybercrime group that exploited vulnerabilities on April 29 and again on May 7.

Analyst 207
Crowded sports arena with spectators and staff, subtle tech infrastructure in background.

ShinyHunters Breach Exposes Madison Square Garden Data

A recent cyberattack by ShinyHunters has exposed sensitive data from Madison Square Garden, highlighting a growing concern about cyber risk in the professional sports industry. The breach, which included over 26 million records, is a stark reminder of the importance of robust cybersecurity measures.

Analyst 207
Empty hospital corridor with people in distance, blurred laptop screen on nearby desk, conveying concern and unease.

Ransomware Attacks Surge Across Europe

Ransomware attacks are surging across Europe, with a staggering 55.1% year-over-year increase in just the first four months of 2026, averaging 171 incidents per month. Five key countries - Germany, the UK, France, Italy, and Spain - are bearing the brunt, accounting for 70% of all recorded attacks.

Analyst 207
Blurred cityscape with office workstation and blank computer screen.

MuddyWater Exploits Ransomware Disguise for Cyber Espionage

The line between ransomware attacks and nation-state espionage is rapidly blurring, as cyber groups like MuddyWater now disguise their operations as financially motivated ransomware attacks to further their strategic objectives. MuddyWater, linked to Iran's Ministry of Intelligence and Security, has been caught posing as the Chaos ransomware group in a deliberate campaign.

Analyst 207