Skip to main content

Tag: ransomware

999 articles

University computer lab workstation with laptop and papers, soft natural light from a nearby window.

SaaS Providers Face Trust Crisis After Canvas Breach

A massive breach of the Canvas learning management system has left 275 million users reeling, compromising student records and disrupting learning at over 8,800 institutions worldwide. The shocking incident has sparked a trust crisis for SaaS providers, raising urgent questions about security and data protection.

Analyst 207
Law enforcement officials gather at a modern facility with a large glass wall, symbolizing a coordinated international…

Authorities Disrupt First VPN Service Used by 25 Ransomware Groups

In a major win for cybersecurity, an international coalition led by France and the Netherlands has disrupted a notorious VPN service used by 25 ransomware groups, taking a significant blow to cybercrime operations. The takedown was made possible through a collaborative effort involving 16 countries and key partners like Europol and Eurojust.

Analyst 207
Law enforcement officers in a briefing room with laptops and papers, background shows natural daylight through tall windows.

Europol Disrupts Major Cybercrime VPN Service

Europol's bold operation has taken down a notorious VPN service used by cybercriminals to hide their tracks, seizing key infrastructure and sowing disruption among ransomware operators, fraudsters, and data thieves. This major win for cybersecurity could lead to further investigations and prosecutions, thanks to the treasure trove of data on thousands of threat actors.

Analyst 207
Modern office setting with an unsecured laptop and exposed network cable on a desk.

Vulnerability Exploitation Surpasses Credentials as Top Breach Entry Point

The latest Verizon Data Breach Investigations Report reveals a significant shift in how breaches occur: vulnerability exploitation now accounts for 31% of breaches, surpassing stolen credentials as the top entry point for hackers. Ransomware remains a major threat, involved in nearly half of all breaches.

Analyst 207
A small medical clinic's waiting room with a reception desk and chairs, bathed in soft daylight.

Smaller Healthcare Providers Targeted in Rising Wave of Cyberattacks

Smaller healthcare providers are being hit hard by a rising wave of cyberattacks, with eight recent hacking incidents affecting nearly 2 million individuals. These breaches, impacting medical practices across the US, are a stark reminder that no healthcare organization is immune to the threat of cyber breaches.

Analyst 207
Rows of servers and equipment in a data center, some partially disassembled.

Microsoft Disrupts Malware-Signing Service Used in Ransomware Attacks

Microsoft swooped in to shut down a notorious malware-signing service, seizing the website signspace.cloud and taking down hundreds of virtual machines used to fuel ransomware attacks. This bold move, dubbed OpFauxSign, crippled a key operation run by the threat actor Fox Tempest, which had been using Microsoft's own system against them since May 2025.

Analyst 207
Brightly-lit tech office interior with employees at desks and a large window in the background.

GitHub Probes Breach Claim by TeamPCP Hackers

GitHub is investigating a security breach claim by hackers TeamPCP, who allegedly stole around 4,000 of the platform's internal repositories and put the source code up for sale for a hefty $50,000. The company has already sprung into action, detecting and containing the breach and taking steps to mitigate the risk.

Analyst 207
Law enforcement officials in a secure facility render code-signing credentials invalid.

Microsoft Disrupts Cybercrime Service Selling Code-Signing Certificates to Ransomware Gangs

Microsoft has disrupted a notorious cybercrime operation, dubbed Fox Tempest, that sold code-signing certificates to ransomware gangs, allowing them to disguise malware as legitimate Windows software. The operation, which created over 580 fake Microsoft accounts, has been linked to two individuals, John Doe 1 and John Doe 2, who allegedly traded in real, Microsoft-issued code-signing credentials.

Analyst 207
Brightly-lit server rack in a cybersecurity operations center against a mid-tone background.

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs

Microsoft cracked down on a notorious malware-signing service used by ransomware gangs, disrupting the operations of Fox Tempest, a financially motivated group that generated millions of dollars in profits by selling trust to cybercriminals. The group had created over 1,000 code-signing certificates and hundreds of Azure tenants to support its industrial-scale scheme.

Analyst 207
Law enforcement operation room with a large, dismantled computer setup symbolizing disrupted malware signing service.

Microsoft Disrupts Malware Signing Service Used by Ransomware Groups

Microsoft cracked down on a sophisticated malware signing service run by a group called Fox Tempest, which helped ransomware gangs disguise their malicious programs as legitimate software. This service was like a master forgery operation, creating counterfeit digital signatures that even experts struggled to spot.

Analyst 207
Brightly-lit courthouse conveys sense of institutional action and cyber enforcement.

Microsoft Disrupts Fox Tempest's Ransomware-Enabling Code-Signing Service

Microsoft's Digital Crimes Unit has successfully disrupted a notorious code-signing service used by cybercriminals, including the group behind Fox Tempest, to create fake IDs and gain easy access to systems. This operation has effectively shut down a key tool used by hackers to spread ransomware and malware.

Analyst 207
Concerned 7-Eleven employee or franchisee looks at document near blurred POS terminal.

7-Eleven Breach Exposes Franchisee Data After ShinyHunters Attack

7-Eleven recently confirmed a data breach that exposed sensitive franchisee information after a cyberattack by the group ShinyHunters, with unauthorized access detected on April 8. The company swiftly launched an investigation and began notifying affected individuals on May 1.

Analyst 207
A dimly lit, disrupted computer server room with rows of equipment racks and monitors, some server casings and cables…

Ransomware Attacks Surge as Clop Gang Dominates Threat Landscape

Ransomware attacks have skyrocketed, with over 343 million blocked by Kaspersky products in just the first quarter of 2026 alone, highlighting a surge in threats from the notorious Clop gang and other malicious players. This alarming trend underscores a quarter marked by intensified ransomware activity and rapidly evolving cyber threats.

Analyst 207
Brightly-lit computer lab with laptops and computers, hinting at disruption.

SaaS Breaches Expose Gaps in Enterprise Security Thinking

In a shocking display of vulnerability, ShinyHunters breached Instructure's Canvas platform not once, but twice in a single week, siphoning off a staggering 3.65 terabytes of data from 275 million users across 8,000 institutions. The brazen attacks left hundreds of schools reeling during final exams, forcing Canvas offline and lining the attackers' pockets with a ransom payment.

Analyst 207
Blurred office setting with computer workstation and file cabinet in background.

Ransomware Breach Exposes 123,000 at American Lending Center

A ransomware attack on American Lending Center compromised the personal data of 123,000 individuals after a threat actor infiltrated the company's internal network and accessed sensitive files. The breach was discovered nine months prior to notification, on July 27, 2025, but consumers weren't alerted until April 28, 2026.

Analyst 207
Cloud storage workstation with blank laptop screen and keyboard, symbolizing a data breach.

ShinyHunters Fuel Surge in Data Leaks

Meet the ShinyHunters, a notorious group behind a surge in public data leaks, who team up with The Com to scam victims out of cloud system access and then hold their data for ransom. This duo's alarming tactic has resulted in a steady stream of sensitive information being dumped into the public domain.

Analyst 207
Locked cabinet with combination dial in a dimly lit, institutional office setting.

Ransomware Gangs Test Trust with Data Deletion Promises

Can you ever trust a ransomware gang's promise to delete stolen data? The recent Instructure breach has brought this question to the forefront, leaving victims wondering if paying up is worth the risk of broken promises.

Analyst 207
Blurred student data on a laptop screen in a brightly-lit school setting.

Ransomware Gang Targets Canvas, Exposes Student Data Risks

A ransomware gang claimed to have stolen data from 275 million students, teachers, and staff, but Instructure, the company behind Canvas, says it's reached a deal with the hackers and has digital proof that the data has been destroyed. But can we really trust that the threat has passed?

Analyst 207
Person working on laptop surrounded by notes in neutral room.

TeamPCP hackers target Mistral AI code repos for sale

Hackers from TeamPCP are demanding $25,000 for nearly 5 gigabytes of stolen Mistral AI code, threatening to leak it for free if they don't find a buyer within a week. The group claims to have snagged around 450 internal repositories, including sensitive source code used for training and model delivery.

Analyst 207
Brightly-lit industrial setting with computer screens and machinery in disarray.

Foxconn Disrupted by Nitrogen Ransomware Attack

Nitrogen ransomware attackers claim to have stolen a massive 8 terabytes of sensitive data, including confidential files from tech giants like Intel, Apple, and Google, potentially disrupting the entire consumer-tech supply chain. The breach could have far-reaching consequences for suppliers and customers worldwide.

Analyst 207
Electronics manufacturing facility with rows of workstations and equipment.

Foxconn Cyberattack Exposes Supply Chain Risks

A massive cyberattack on Foxconn has exposed the dark underbelly of supply chain risks, with hackers claiming to have stolen a staggering 11 million files - including confidential data from tech giants like Intel, Apple, and Nvidia. This breach highlights the long-term architectural risks that ransomware attacks can pose to global supply chains.

Analyst 207
Pharmaceutical manufacturing facility interior showing signs of disruption and increased security.

West Pharmaceutical hit by cyberattack, data stolen

West Pharmaceutical Services suffered a significant cybersecurity breach on May 4, 2026, when hackers infiltrated their systems, encrypting certain data and making off with sensitive information, prompting a formal investigation. The company confirmed the severity of the attack three days later, on May 7.

Analyst 207
University campus scene with laptop in background and symbolic data representation.

Instructure Negotiates Data Return After Ransomware Breach

In a major win for data security, Instructure has successfully negotiated the return of stolen data and confirmed its destruction after a ransomware breach affected nearly 9,000 educational institutions using its Canvas Learning Management System. The company has ensured that its affected customers are protected and won't be individually targeted for extortion.

Analyst 207
Somber security leader sits alone at conference table, contemplating on laptop.

CISOs Weigh Ransom Payments Amid Ransomware Resilience Gap

A surprising 58% of CISOs admit they'd consider paying a ransom to quickly restore encrypted systems, revealing a stark reality in the ongoing battle against ransomware. This willingness varies by geography, with 63% of US CISOs and 47% of UK CISOs open to making a payment.

Analyst 207