Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
July 3, 2025
Stormous ransomware is a pro-Russian ransomware gang using double extortion and RaaS tools to target global enterprises, especially in the
Ransomware
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Stormous ransomware is a pro-Russian ransomware gang using double extortion and RaaS tools to target global enterprises, especially in the U.S., Ukraine, and Europe.
INC Ransomware: Master of Double Extortion
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational networks. They exhibit a high ...
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
Ransomware Victims on Dark Web – 04th March, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Interlock ransomware operators now use ClickFix attacks with fake IT tools to deploy malware, exfiltrate data, and encrypt systems, targeting corporate environments through social engineering. ...
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
A ransomware attack on the Port of Seattle exposed the personal data of 90,000 individuals. The Rhysida ransomware group was responsible, and the Port refused ...
Ransomware Victims on Dark Web – 3rd March, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
EncryptHub Breach Affects 618 Organizations Hit Using Infostealers and Ransomware
NailaoLocker Ransomware Targets EU Healthcare Sector in a Cyberattack
NailaoLocker ransomware, a newly discovered threat, targeted EU healthcare organizations between June and October 2024, exploiting a Check Point vulnerability. The attack leveraged ShadowPad and ...
INC Ransomware: Master of Double Extortion
June 10, 2025
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
May 12, 2025
LockBit’s dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
May 8, 2025
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail
Ransomware Victims on Dark Web – 04th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents.
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
April 21, 2025
Interlock ransomware operators now use ClickFix attacks with fake IT tools to deploy malware, exfiltrate data, and encrypt systems, targeting
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
April 7, 2025
A ransomware attack on the Port of Seattle exposed the personal data of 90,000 individuals. The Rhysida ransomware group was
Ransomware Victims on Dark Web – 3rd March, 2025
March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents.
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
February 27, 2025
EncryptHub Breach Affects 618 Organizations Hit Using Infostealers and Ransomware
NailaoLocker Ransomware Targets EU Healthcare Sector in a Cyberattack
February 20, 2025
NailaoLocker ransomware, a newly discovered threat, targeted EU healthcare organizations between June and October 2024, exploiting a Check Point vulnerability.
Threat actors
Termite Ransomware: The Silent Invader
July 22, 2025
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz,
SafePay Ransomware: LockBit’s Lonewolf Ghost
July 15, 2025
SafePay is a centralized ransomware group leveraging LockBit-derived code, stealthy infiltration, and rapid encryption—targeting SMEs and MSPs globally without using
Scattered Spider: The Threat You Think You Know
June 25, 2025
Scattered Spider isn’t a single group but a sprawling web of identity-based attackers exploiting help desks, MFA gaps, and cloud
Anubis Ransomware: A Destructive, Cross-Platform Threat
June 24, 2025
Anubis ransomware combines encryption and file-wiping capabilities, targeting Windows, Linux, and NAS systems with stealthy command-line execution and affiliate-driven campaigns
BlackSuit (Royal) Ransomware: Conti Ransomware Reborn
June 11, 2025
BlackSuit, formerly Royal, is a sophisticated ransomware group using multi-vector attacks, partial encryption, and double extortion to target global organizations,
Scattered Spider: A Web of Social Engineering
June 9, 2025
Scattered Spider, also known as UNC3944, is a financially motivated cybercriminal group known for its sophisticated social engineering tactics and
APT40: Chinese State Sponsored APT
June 5, 2025
APT40, also known as ATK29, BRONZE MOHAWK, G0065, GADOLINIUM, Gingham Typhoon, ISLANDDREAMS, ITG09, KRYPTONITE PANDA, Leviathan, MUDCARP, Red Ladon, TA423,
GhostSec: From Hacktivist Roots to RaaS Powerhouse
June 4, 2025
GhostSec evolved from anti-ISIS hacktivists into a global ransomware threat, deploying GhostLocker via RaaS and targeting critical infrastructure with sophisticated,
Sodinokibi/REvil Ransomware: The Evasive Threat
May 5, 2025
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April
Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation
April 23, 2025
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics,
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
April 22, 2025
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance,
Everest Ransomware: Data Extortionist Turned Initial Access Broker
April 9, 2025
Everest ransomware, active since 2020, evolved from data extortion and ransomware to primarily acting as an Initial Access Broker (IAB),
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.