Tag: ransomware
999 articles

SaaS Providers Face Trust Crisis After Canvas Breach
A massive breach of the Canvas learning management system has left 275 million users reeling, compromising student records and disrupting learning at over 8,800 institutions worldwide. The shocking incident has sparked a trust crisis for SaaS providers, raising urgent questions about security and data protection.

Authorities Disrupt First VPN Service Used by 25 Ransomware Groups
In a major win for cybersecurity, an international coalition led by France and the Netherlands has disrupted a notorious VPN service used by 25 ransomware groups, taking a significant blow to cybercrime operations. The takedown was made possible through a collaborative effort involving 16 countries and key partners like Europol and Eurojust.

Europol Disrupts Major Cybercrime VPN Service
Europol's bold operation has taken down a notorious VPN service used by cybercriminals to hide their tracks, seizing key infrastructure and sowing disruption among ransomware operators, fraudsters, and data thieves. This major win for cybersecurity could lead to further investigations and prosecutions, thanks to the treasure trove of data on thousands of threat actors.

Vulnerability Exploitation Surpasses Credentials as Top Breach Entry Point
The latest Verizon Data Breach Investigations Report reveals a significant shift in how breaches occur: vulnerability exploitation now accounts for 31% of breaches, surpassing stolen credentials as the top entry point for hackers. Ransomware remains a major threat, involved in nearly half of all breaches.

Smaller Healthcare Providers Targeted in Rising Wave of Cyberattacks
Smaller healthcare providers are being hit hard by a rising wave of cyberattacks, with eight recent hacking incidents affecting nearly 2 million individuals. These breaches, impacting medical practices across the US, are a stark reminder that no healthcare organization is immune to the threat of cyber breaches.

Microsoft Disrupts Malware-Signing Service Used in Ransomware Attacks
Microsoft swooped in to shut down a notorious malware-signing service, seizing the website signspace.cloud and taking down hundreds of virtual machines used to fuel ransomware attacks. This bold move, dubbed OpFauxSign, crippled a key operation run by the threat actor Fox Tempest, which had been using Microsoft's own system against them since May 2025.

GitHub Probes Breach Claim by TeamPCP Hackers
GitHub is investigating a security breach claim by hackers TeamPCP, who allegedly stole around 4,000 of the platform's internal repositories and put the source code up for sale for a hefty $50,000. The company has already sprung into action, detecting and containing the breach and taking steps to mitigate the risk.

Microsoft Disrupts Cybercrime Service Selling Code-Signing Certificates to Ransomware Gangs
Microsoft has disrupted a notorious cybercrime operation, dubbed Fox Tempest, that sold code-signing certificates to ransomware gangs, allowing them to disguise malware as legitimate Windows software. The operation, which created over 580 fake Microsoft accounts, has been linked to two individuals, John Doe 1 and John Doe 2, who allegedly traded in real, Microsoft-issued code-signing credentials.

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
Microsoft cracked down on a notorious malware-signing service used by ransomware gangs, disrupting the operations of Fox Tempest, a financially motivated group that generated millions of dollars in profits by selling trust to cybercriminals. The group had created over 1,000 code-signing certificates and hundreds of Azure tenants to support its industrial-scale scheme.

Microsoft Disrupts Malware Signing Service Used by Ransomware Groups
Microsoft cracked down on a sophisticated malware signing service run by a group called Fox Tempest, which helped ransomware gangs disguise their malicious programs as legitimate software. This service was like a master forgery operation, creating counterfeit digital signatures that even experts struggled to spot.

Microsoft Disrupts Fox Tempest's Ransomware-Enabling Code-Signing Service
Microsoft's Digital Crimes Unit has successfully disrupted a notorious code-signing service used by cybercriminals, including the group behind Fox Tempest, to create fake IDs and gain easy access to systems. This operation has effectively shut down a key tool used by hackers to spread ransomware and malware.

7-Eleven Breach Exposes Franchisee Data After ShinyHunters Attack
7-Eleven recently confirmed a data breach that exposed sensitive franchisee information after a cyberattack by the group ShinyHunters, with unauthorized access detected on April 8. The company swiftly launched an investigation and began notifying affected individuals on May 1.

Ransomware Attacks Surge as Clop Gang Dominates Threat Landscape
Ransomware attacks have skyrocketed, with over 343 million blocked by Kaspersky products in just the first quarter of 2026 alone, highlighting a surge in threats from the notorious Clop gang and other malicious players. This alarming trend underscores a quarter marked by intensified ransomware activity and rapidly evolving cyber threats.

SaaS Breaches Expose Gaps in Enterprise Security Thinking
In a shocking display of vulnerability, ShinyHunters breached Instructure's Canvas platform not once, but twice in a single week, siphoning off a staggering 3.65 terabytes of data from 275 million users across 8,000 institutions. The brazen attacks left hundreds of schools reeling during final exams, forcing Canvas offline and lining the attackers' pockets with a ransom payment.

Ransomware Breach Exposes 123,000 at American Lending Center
A ransomware attack on American Lending Center compromised the personal data of 123,000 individuals after a threat actor infiltrated the company's internal network and accessed sensitive files. The breach was discovered nine months prior to notification, on July 27, 2025, but consumers weren't alerted until April 28, 2026.

ShinyHunters Fuel Surge in Data Leaks
Meet the ShinyHunters, a notorious group behind a surge in public data leaks, who team up with The Com to scam victims out of cloud system access and then hold their data for ransom. This duo's alarming tactic has resulted in a steady stream of sensitive information being dumped into the public domain.

Ransomware Gangs Test Trust with Data Deletion Promises
Can you ever trust a ransomware gang's promise to delete stolen data? The recent Instructure breach has brought this question to the forefront, leaving victims wondering if paying up is worth the risk of broken promises.

Ransomware Gang Targets Canvas, Exposes Student Data Risks
A ransomware gang claimed to have stolen data from 275 million students, teachers, and staff, but Instructure, the company behind Canvas, says it's reached a deal with the hackers and has digital proof that the data has been destroyed. But can we really trust that the threat has passed?

TeamPCP hackers target Mistral AI code repos for sale
Hackers from TeamPCP are demanding $25,000 for nearly 5 gigabytes of stolen Mistral AI code, threatening to leak it for free if they don't find a buyer within a week. The group claims to have snagged around 450 internal repositories, including sensitive source code used for training and model delivery.

Foxconn Disrupted by Nitrogen Ransomware Attack
Nitrogen ransomware attackers claim to have stolen a massive 8 terabytes of sensitive data, including confidential files from tech giants like Intel, Apple, and Google, potentially disrupting the entire consumer-tech supply chain. The breach could have far-reaching consequences for suppliers and customers worldwide.

Foxconn Cyberattack Exposes Supply Chain Risks
A massive cyberattack on Foxconn has exposed the dark underbelly of supply chain risks, with hackers claiming to have stolen a staggering 11 million files - including confidential data from tech giants like Intel, Apple, and Nvidia. This breach highlights the long-term architectural risks that ransomware attacks can pose to global supply chains.

West Pharmaceutical hit by cyberattack, data stolen
West Pharmaceutical Services suffered a significant cybersecurity breach on May 4, 2026, when hackers infiltrated their systems, encrypting certain data and making off with sensitive information, prompting a formal investigation. The company confirmed the severity of the attack three days later, on May 7.

Instructure Negotiates Data Return After Ransomware Breach
In a major win for data security, Instructure has successfully negotiated the return of stolen data and confirmed its destruction after a ransomware breach affected nearly 9,000 educational institutions using its Canvas Learning Management System. The company has ensured that its affected customers are protected and won't be individually targeted for extortion.

CISOs Weigh Ransom Payments Amid Ransomware Resilience Gap
A surprising 58% of CISOs admit they'd consider paying a ransom to quickly restore encrypted systems, revealing a stark reality in the ongoing battle against ransomware. This willingness varies by geography, with 63% of US CISOs and 47% of UK CISOs open to making a payment.