LockBit’s dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents.
Interlock ransomware operators now use ClickFix attacks with fake IT tools to deploy malware, exfiltrate data, and encrypt systems, targeting
A ransomware attack on the Port of Seattle exposed the personal data of 90,000 individuals. The Rhysida ransomware group was
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents.
EncryptHub Breach Affects 618 Organizations Hit Using Infostealers and Ransomware
NailaoLocker ransomware, a newly discovered threat, targeted EU healthcare organizations between June and October 2024, exploiting a Check Point vulnerability.
Akira Ransomware claims a cyber attack on defunct Australian media company Regency Media, stealing 16GB+ of data, highlighting the risk
Cybercriminals are exploiting Microsoft Teams for ransomware attacks, using spam emails, Teams messages, and calls to infiltrate companies, steal data,
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics,
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance,
Everest ransomware, active since 2020, evolved from data extortion and ransomware to primarily acting as an Initial Access Broker (IAB),
Vice Society, a prolific RaaS group, preys on schools and other institutions, deploying readily available ransomware and threatening data leaks
KillSec, a Russia-linked RaaS group, targets healthcare and finance, leveraging OSINT and affiliates for extortion, showing a preference for Asian
Overview The Qilin ransomware group, also known as Agenda, is a Russia-based ransomware-as-a-service (RaaS) operation active since at least July
The BianLian ransomware group represents a significant and growing threat to organizations worldwide. Operating with precision and stealth, they have
Overview: Known Aliases of Trinity Ransomware: Trinity Ransomware. Possible links to 2023Lock and Venus ransomware, implying potential shared infrastructure or
Akira has targeted a range of organizations, including universities (Stanford), major IT service providers (Tietoevry), and numerous businesses across various
Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in October 2023, following the disruption of the Hive ransomware group.
Rhysida Ransomware Threat Actor Profile
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.