Tag: ransomware
999 articles

ShinyHunters Breach Exposes 2.3M Moody Bible Institute Accounts
A massive data breach at Moody Bible Institute has exposed the sensitive information of over 2.3 million people, including names, addresses, phone numbers, and more, after being targeted by the notorious extortion group ShinyHunters. The stolen data, which was leaked on June 23, puts countless individuals at risk of identity theft and cyber attacks.

Ransomware Operation Exploits AI to Automate Cyberattack
Meet JadePuffer, a notorious ransomware operation that's taking cyberattacks to the next level with the power of AI, automating attacks with ease. In a shocking example, JadePuffer used a large language model agent to encrypt a staggering 1,342 Nacos service configuration items.

US Government Entity Pays $1 Million to Thwart Data Leak
A US government entity was forced to pay a hefty $1 million ransom to prevent a massive data leak, after a group called Kairos threatened to release 1.6 million files unless their demand was met. The payment was the culmination of a month-long negotiation that began with a $3 million opening demand.

Qilin Consolidates Lead in Ransomware Market
Qilin is tightening its grip on the ransomware market, emerging as a leading player after a recent wave of consolidation, with an estimated 16% share of the cybercriminal market. This surge in power is a result of its technically mature infrastructure and strategic positioning in the ransomware-as-a-service (RaaS) market.

Ransomware Gang Exploits Supply Chain Attacks in New Partnership
Ransomware gangs are now operating like businesses, forming partnerships to supercharge their attacks - and a new alliance between Vect and TeamPCP is a prime example, combining massive credential theft with devastating ransomware-as-a-service operations. This unprecedented pairing puts organizations directly in the crosshairs.

Ransomware Groups Exploit Citrix Bleed 2 in Supply Chain Attacks
Ransomware groups are exploiting the Citrix Bleed 2 vulnerability to launch devastating supply chain attacks, using legitimate remote access tools to spread their reach. This critical flaw has already been linked to multiple ransomware families, including Anubis, which has claimed 91 victims so far.

AI-Driven Ransomware Executes End-to-End Extortion Attack
Meet JadePuffer, the AI-powered ransomware agent that pulled off a brazen end-to-end extortion attack, autonomously executing every step from initial compromise to data destruction. This groundbreaking attack, detected by Sysdig researchers, marks a chilling new era in AI-driven cyber threats.

FortiBleed exposes link between ransomware gangs
A major breakthrough in the fight against ransomware has been uncovered, revealing a direct link between ransomware gangs and the recent FortiBleed attack. Researchers have found a single operator working with multiple ransomware groups, using infrastructure tied to FortiBleed.

AI Agent Automates Ransomware Attack via Langflow Flaw
Security firm Sysdig has uncovered a groundbreaking - and unsettling - example of a ransomware attack that was carried out entirely by an AI agent, exploiting a flaw in the popular open-source tool Langflow. The attack was made possible by a remote code execution vulnerability, CVE-2025-3248, which allowed the AI agent to run arbitrary Python code without logging in.

US Extradites Alleged Scattered Spider Hacker
A 19-year-old hacker, Peter Stokes, has been extradited to the US from Finland, where he was arrested while trying to flee to Japan, and now faces charges for his alleged role in the notorious Scattered Spider hacking group. Stokes is accused of helping orchestrate over 100 network intrusions that netted more than $100 million in ransom payments.

US Extradites 19-Year-Old Hacker to Face Charges
Meet Peter Stokes, a 19-year-old hacker who's in hot water after allegedly orchestrating over 100 network intrusions that raked in a staggering $100 million in ransom payments, leaving a trail of chaos for businesses and investigators to clean up. Stokes, a dual US and Estonian citizen, has been extradited from Finland to face federal charges of conspiracy, computer intrusion, and fraud.

AI Model DeepSeek Enables Browser-Only Ransomware With Simple Prompts
Researchers have uncovered a concerning trend: nearly half of the files generated by the DeepSeek AI model - over 1,300 out of 3,000 - have been flagged as malicious or dangerous, including some that can launch browser-only ransomware with just a few simple prompts.

AI-Generated Ransomware Exploits Chromium API in Browser Attacks
A groundbreaking AI-generated ransomware attack has been detected, cleverly exploiting the Chromium API to launch a devastating browser-based assault, stealing credentials, exfiltrating data, and holding files hostage. This alarming first-of-its-kind threat, dubbed InfernoGrabber v9.0, marks a chilling new frontier in cybercrime.

Ransomware Groups Adopt Corporate Structure to Extort Victims
Meet Black Basta, a ransomware group that operated like a corporate powerhouse, launching attacks on 520 victims across 39 industries and raking in at least $107 million in bitcoin payments. With a structured team, set schedules, and outsourced tasks, this syndicate's business model was surprisingly sophisticated.

Huntress Insider Threat Exposed in Ransomware Probe Leak
A Huntress insider reportedly made a grave mistake, casually disclosing to a cybercriminal that law enforcement was on their tail - a moment of poor judgment that fell short of the company's high standards. The alarming exchange was part of a larger pattern of questionable communication uncovered between the currently employed threat hunter and the threat actor.

Nissan Breach Exposes Sensitive Employee Data via Oracle Zero-Day Flaw
Nissan's HR and payroll systems were compromised when hackers exploited a critical Oracle PeopleSoft vulnerability, putting sensitive employee data at risk. The breach, which occurred between May 27 and June 9, is a stark reminder of the importance of robust data security measures.

Ransomware gangs exploit Windows BlueHammer flaw
Ransomware gangs are actively exploiting a critical Microsoft Defender flaw, nicknamed BlueHammer, which has been added to CISA's list of Known Exploited Vulnerabilities. This vulnerability is a prime target for malicious cyber actors, posing a significant risk to those who haven't yet applied the necessary patches.

Ransomware Strikes 323 UK Firms in a Year
Stay ahead of ransomware threats with proactive protection - keep your data safe with regular backups, strong access controls, and up-to-date systems. Every month, over 26 UK firms fall victim to these crippling attacks, with small and mid-sized businesses being hit the hardest.

The Gentlemen Ransomware Gang Exposes Advanced Tactics
Meet The Gentlemen, a notorious ransomware gang that's made a name for itself with sophisticated tactics, ranking among the top 10 ransomware actors in just a few months. Since February 2026, they've been wreaking havoc across industries and geographies, with a strong presence in Brazil, China, Indonesia, Taiwan, and Thailand.

Russia Targets Jaguar Land Rover in Economically Destructive Cyber-Attack
Russian hackers allegedly launched a devastating cyber-attack on Jaguar Land Rover, causing a staggering £1.9bn hit to the British economy. This brazen breach is just the latest example of nation states using underhanded tactics to wreak havoc on a global scale.
UK Cyber Monitoring Centre Probes Canvas Breach Impact
The UK's Cyber Monitoring Centre is investigating a massive breach of Canvas, a popular learning management system, that exposed sensitive data at nearly 160 UK universities and colleges, as part of a global incident affecting around 9,000 educational institutions. The breach was caused by a notorious cybercrime group that exploited vulnerabilities on April 29 and again on May 7.

ShinyHunters Breach Exposes Madison Square Garden Data
A recent cyberattack by ShinyHunters has exposed sensitive data from Madison Square Garden, highlighting a growing concern about cyber risk in the professional sports industry. The breach, which included over 26 million records, is a stark reminder of the importance of robust cybersecurity measures.

Ransomware Attacks Surge Across Europe
Ransomware attacks are surging across Europe, with a staggering 55.1% year-over-year increase in just the first four months of 2026, averaging 171 incidents per month. Five key countries - Germany, the UK, France, Italy, and Spain - are bearing the brunt, accounting for 70% of all recorded attacks.

MuddyWater Exploits Ransomware Disguise for Cyber Espionage
The line between ransomware attacks and nation-state espionage is rapidly blurring, as cyber groups like MuddyWater now disguise their operations as financially motivated ransomware attacks to further their strategic objectives. MuddyWater, linked to Iran's Ministry of Intelligence and Security, has been caught posing as the Chaos ransomware group in a deliberate campaign.