Inotiv confirms a ransomware attack encrypted systems and data, disrupting operations. SEC filing cites Qilin claims of 176GB theft as
U.S. agencies seized over $1 million in cryptocurrency and critical infrastructure from the BlackSuit ransomware gang. While the takedown marks
The U.S. now accounts for 50% of global ransomware incidents, with attacks surging 146% year-over-year. Critical sectors like manufacturing, healthcare,
Ransomware-as-a-Service is driving a surge in cyberattacks, making sophisticated ransomware accessible to low-skilled criminals. With incidents up 149% in early
Stormous ransomware is a pro-Russian ransomware gang using double extortion and RaaS tools to target global enterprises, especially in the
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational
LockBit’s dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents.
Interlock ransomware operators now use ClickFix attacks with fake IT tools to deploy malware, exfiltrate data, and encrypt systems, targeting
Gunra is a double-extortion ransomware group, active since April 2025, leveraging leaked Conti code for high-speed, cross-platform attacks. With victims
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised
Crypto24 is a rising ransomware group targeting mid-sized global firms, using stealth tools, cloud exfiltration, and double-extortion tactics to steal,
Charon ransomware, emerging in 2025, targets Middle East sectors with APT-level tactics, DLL sideloading, hybrid encryption, and advanced evasion, posing
APT28, aka Fancy Bear, a Russian GRU-linked group, conducts sophisticated espionage and information theft campaigns globally, targeting governments and critical
DragonForce is a ransomware and data extortion group that evolved from a pro-Palestinian hacktivist collective into a financially motivated cybercriminal
The Lynx ransomware group is a financially motivated threat actor operating under a Ransomware-as-a-Service (RaaS) model. Emerging as a successor
Fog ransomware, a prolific and secretive threat actor, targets organizations globally, deploying sophisticated multi-stage attacks resulting in data encryption and
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz,
SafePay is a centralized ransomware group leveraging LockBit-derived code, stealthy infiltration, and rapid encryption—targeting SMEs and MSPs globally without using
Scattered Spider isn’t a single group but a sprawling web of identity-based attackers exploiting help desks, MFA gaps, and cloud
Anubis ransomware combines encryption and file-wiping capabilities, targeting Windows, Linux, and NAS systems with stealthy command-line execution and affiliate-driven campaigns
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.