Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
March 17, 2026
Royal Bahrain Hospital reportedly targeted by Payload ransomware, with 110 GB of sensitive data allegedly stolen.
Ransomware
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
Royal Bahrain Hospital reportedly targeted by Payload ransomware, with 110 GB of sensitive data allegedly stolen.
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
New banking malware VENON targets Brazilian users, developed in Rust, diverging from traditional Delphi-based threats.
Slopoly Malware Linked to Interlock Ransomware Attack
Investigating Slopoly malware's impact, AI origins, and role in Interlock attacks.
Lazarus Group Expands Its Ransomware Arsenal with Medusa
North Korea's Lazarus Group deploys Medusa ransomware against critical sectors, targeting US healthcare.
Polish Authorities Detain Suspected Phobos Ransomware Operative
Polish authorities have arrested a 47-year-old man suspected of participating in cybercrimes associated with the Phobos ransomware. During the operation, officers seized devices containing evidence ...
Warlock Ransomware Gang Breach at SmarterTools: Email System Compromised
The Warlock ransomware gang has infiltrated SmarterTools’ network by breaching the company's email system but has not disrupted critical business functions or accessed account data. ...
Ransomware Gangs Reconsider Strategies as Data Theft Returns Diminish
With diminishing returns from data theft alone, ransomware gangs are exploring the return to data encryption for extortion. Altered tactics reflect evolving criminal strategies to ...
New Reynolds Ransomware Uses BYOVD Technique to Elude Detection
Cybersecurity experts have discovered Reynolds ransomware, a new threat employing the Bring Your Own Vulnerable Driver (BYOVD) technique. This approach allows the ransomware to disable ...
ShinyHunters Strike Again: Canada Goose Addresses Breach Concerns
Fashion brand Canada Goose is tackling claims of a 600,000-record breach linked to hacker group ShinyHunters. The company states it's an old incident with no ...
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Iron Mountain, a reputed data storage provider, has confirmed a breach by the Everest extortion group, affecting primarily marketing data. The company reassures clients of ...
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
March 13, 2026
New banking malware VENON targets Brazilian users, developed in Rust, diverging from traditional Delphi-based threats.
Slopoly Malware Linked to Interlock Ransomware Attack
March 13, 2026
Investigating Slopoly malware’s impact, AI origins, and role in Interlock attacks.
Lazarus Group Expands Its Ransomware Arsenal with Medusa
February 25, 2026
North Korea’s Lazarus Group deploys Medusa ransomware against critical sectors, targeting US healthcare.
Polish Authorities Detain Suspected Phobos Ransomware Operative
February 18, 2026
Polish authorities have arrested a 47-year-old man suspected of participating in cybercrimes associated with the Phobos ransomware. During the operation,
Warlock Ransomware Gang Breach at SmarterTools: Email System Compromised
February 17, 2026
The Warlock ransomware gang has infiltrated SmarterTools’ network by breaching the company’s email system but has not disrupted critical business
Ransomware Gangs Reconsider Strategies as Data Theft Returns Diminish
February 17, 2026
With diminishing returns from data theft alone, ransomware gangs are exploring the return to data encryption for extortion. Altered tactics
New Reynolds Ransomware Uses BYOVD Technique to Elude Detection
February 17, 2026
Cybersecurity experts have discovered Reynolds ransomware, a new threat employing the Bring Your Own Vulnerable Driver (BYOVD) technique. This approach
ShinyHunters Strike Again: Canada Goose Addresses Breach Concerns
February 17, 2026
Fashion brand Canada Goose is tackling claims of a 600,000-record breach linked to hacker group ShinyHunters. The company states it’s
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
February 4, 2026
Iron Mountain, a reputed data storage provider, has confirmed a breach by the Everest extortion group, affecting primarily marketing data.
Threat actors
Aisuru Botnet: New DDoS Attack Record Set at 29.7 Tbps
December 5, 2025
Over the past three months, the formidable Aisuru botnet has executed more than 1,300 DDoS attacks, one of which reached
Clop Ransomware: A Growing Danger to Cybersecurity Worldwide
October 22, 2025
Clop ransomware continues to evolve as one of the most destructive global cyber threats. Learn how it spreads, its impact,
Violet Typhoon: China-Nexus Espionage Actor
October 21, 2025
Violet Typhoon, a China-linked cyber-espionage actor active since 2015, targets governments, NGOs, and academic institutions using SharePoint zero-day exploits. Its
GhostSec – From Hacktivist to Ransomware Warlord
September 30, 2025
GhostSec evolved from hacktivist roots into a hybrid ransomware threat, using GhostLocker to target global sectors with encryption, extortion, and
Warlock Group / GOLD SALEM (aka Storm-2603) — Threat Profile
September 25, 2025
This threat actor profile examines the Warlock ransomware group, tracked as Storm-2603 and GOLD SALEM. Active since March 2025, Warlock
Gunra Ransomware: Tactics, Victims, and Threat Intelligence
August 28, 2025
Gunra is a double-extortion ransomware group, active since April 2025, leveraging leaked Conti code for high-speed, cross-platform attacks. With victims
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
August 28, 2025
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised
Crypto24 Ransomware: The Phantom Encryptor
August 18, 2025
Crypto24 is a rising ransomware group targeting mid-sized global firms, using stealth tools, cloud exfiltration, and double-extortion tactics to steal,
Charon Ransomware: Stealthy Cyber Extortion Syndicate
August 18, 2025
Charon ransomware, emerging in 2025, targets Middle East sectors with APT-level tactics, DLL sideloading, hybrid encryption, and advanced evasion, posing
APT28 / Fancy Bear: Russian State Sponsored APT
August 6, 2025
APT28, aka Fancy Bear, a Russian GRU-linked group, conducts sophisticated espionage and information theft campaigns globally, targeting governments and critical
DragonForce Ransomware – Hacktivist Turned Cybercriminal Enterprise
August 4, 2025
DragonForce is a ransomware and data extortion group that evolved from a pro-Palestinian hacktivist collective into a financially motivated cybercriminal
Lynx Ransomware: INC Ransomware Reincarnated
July 29, 2025
The Lynx ransomware group is a financially motivated threat actor operating under a Ransomware-as-a-Service (RaaS) model. Emerging as a successor
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.