Microsoft Disrupts Fox Tempest Malware-Signing Service
May 20, 2026
Microsoft seized Fox Tempest’s signspace.cloud domain and revoked over 1,000 fraudulent code-signing certificates used by ransomware groups and infostealers.
Ransomware
Microsoft Disrupts Fox Tempest Malware-Signing Service
Microsoft seized Fox Tempest's signspace.cloud domain and revoked over 1,000 fraudulent code-signing certificates used by ransomware groups and infostealers.
KongTuke IAB Uses Microsoft Teams to Deploy ModeloRAT in 5 Minutes
ReliaQuest found KongTuke impersonating IT help desk staff via Microsoft Teams to trick employees into running PowerShell, deploying ModeloRAT and selling access to ransomware groups.
ShinyHunters Claims 600,000-Record 7-Eleven Salesforce Breach
ShinyHunters claimed and 7-Eleven confirmed a breach of its Salesforce CRM containing over 600,000 records, with a ransom demand issued to the retail chain.
Foxconn Confirms Nitrogen Ransomware Stole 8TB of Customer IP
Nitrogen ransomware hit Foxconn's North American factories, encrypting systems and stealing 8TB of files containing schematics from Apple, Intel, and Google.
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
InterLock ransomware posted four new victims in 24 hours on May 11, including Park Dental Research — a US healthcare target flagged in active FBI ...
ICO Fines South Staffordshire Water £963,900 Over Cl0p Breach
The UK ICO fined South Staffordshire Water £963,900 after Cl0p ransomware went undetected inside the utility's systems for 20 months, exposing 633,887 records.
Gentlemen Ransomware Group’s Internal Data Leaked Publicly
Internal data from the Gentlemen ransomware group — including bitcoin wallets and communications from 300+ victim operations — was posted publicly on MediaFire.
Nitrogen Ransomware Hits Foxconn Wisconsin, Claims 8TB Theft
Nitrogen ransomware claimed responsibility for an attack on Foxconn's Mount Pleasant, Wisconsin campus, asserting 8TB of data stolen across more than 11 million files.
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
InterLock ransomware posted four new victims in 24 hours on May 11, including Park Dental Research — a US healthcare target flagged in active FBI ...
GhostLock Abuses Windows API to Lock 500K Files, Bypassing EDR
GhostLock uses Windows CreateFileW to lock 500,000 files in under three minutes, blocking all access without encryption and evading EDR detection.
KongTuke IAB Uses Microsoft Teams to Deploy ModeloRAT in 5 Minutes
May 19, 2026
ReliaQuest found KongTuke impersonating IT help desk staff via Microsoft Teams to trick employees into running PowerShell, deploying ModeloRAT and
ShinyHunters Claims 600,000-Record 7-Eleven Salesforce Breach
May 19, 2026
ShinyHunters claimed and 7-Eleven confirmed a breach of its Salesforce CRM containing over 600,000 records, with a ransom demand issued
Foxconn Confirms Nitrogen Ransomware Stole 8TB of Customer IP
May 14, 2026
Nitrogen ransomware hit Foxconn’s North American factories, encrypting systems and stealing 8TB of files containing schematics from Apple, Intel, and
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
May 13, 2026
InterLock ransomware posted four new victims in 24 hours on May 11, including Park Dental Research — a US healthcare
ICO Fines South Staffordshire Water £963,900 Over Cl0p Breach
May 13, 2026
The UK ICO fined South Staffordshire Water £963,900 after Cl0p ransomware went undetected inside the utility’s systems for 20 months,
Gentlemen Ransomware Group’s Internal Data Leaked Publicly
May 13, 2026
Internal data from the Gentlemen ransomware group — including bitcoin wallets and communications from 300+ victim operations — was posted
Nitrogen Ransomware Hits Foxconn Wisconsin, Claims 8TB Theft
May 13, 2026
Nitrogen ransomware claimed responsibility for an attack on Foxconn’s Mount Pleasant, Wisconsin campus, asserting 8TB of data stolen across more
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
May 13, 2026
InterLock ransomware posted four new victims in 24 hours on May 11, including Park Dental Research — a US healthcare
GhostLock Abuses Windows API to Lock 500K Files, Bypassing EDR
May 13, 2026
GhostLock uses Windows CreateFileW to lock 500,000 files in under three minutes, blocking all access without encryption and evading EDR
Threat actors
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
March 31, 2026
Cybercrime group associated with Trivy attack uploads malicious Telnyx packages to PyPI aiming to deploy credential-stealing malware.
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
March 5, 2026
A recent FBI takedown of the LeakBase cybercrime forum disrupts major online criminal activities.
Texas Sues TP-Link Over Router Security Deception Tied to Chinese State-Backed Hackers
February 19, 2026
Texas accuses TP-Link of falsely advertising its routers’ security, allowing Chinese state-backed hackers to exploit firmware vulnerabilities and acce…
Polish Authorities Detain Suspected Phobos Ransomware Operative
February 18, 2026
Polish authorities have arrested a 47-year-old man suspected of participating in cybercrimes associated with the Phobos ransomware. During the operation,
FBI Successfully Seizes RAMP Cybercrime Forum Disrupting Ransomware Operations
January 29, 2026
The FBI has effectively dismantled RAMP, a prominent cybercriminal forum. Known for its bold promotion of ransomware activities, RAMP’s seizure
NoName057(16) Splinter Cells: Europe’s Volunteer DDoS Threat
January 22, 2026
Decentralized pro-Russian hacktivist cells execute targeted DDoS campaigns across Europe, leveraging volunteer botnets and pre-announced attacks to disrupt governments, banks,
Law Enforcement Identifies Black Basta Ransomware Leader
January 19, 2026
Ukraine and Germany confirm the identity of the Black Basta ransomware leader, now on the Europol and Interpol wanted lists.
Fleeing Ransomware Leader Now Among Germany’s Most Wanted
January 18, 2026
Russian national Oleg Evgenievich Nefekov, involved in major ransomware activities, has evaded capture, reportedly returning to his homeland. German authorities
Stalkerware Vendor’s Guilty Plea: A Rare Legal Victory in Consumer Spyware Prosecution
January 7, 2026
A significant legal breakthrough marks only the second successful prosecution of a consumer spyware vendor in over ten years by
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
January 5, 2026
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
December 29, 2025
Authorities arrest a Lithuanian individual suspected of deploying clipboard-stealer malware through KMSAuto, impacting 2.8 million computers. The tool, camouflaged as
Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in U.S.
December 22, 2025
Artem Stryzhak, an alleged affiliate of the Nefilim ransomware group, has pleaded guilty to conspiracy to commit computer fraud in
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.