Pickett and Associates Data Breach: Hacker Demands Bitcoin
January 5, 2026
A cybercriminal is selling stolen data from Pickett and Associates, impacting major utilities like Tampa Electric, Duke Energy, and American
Ransomware
Pickett and Associates Data Breach: Hacker Demands Bitcoin
A cybercriminal is selling stolen data from Pickett and Associates, impacting major utilities like Tampa Electric, Duke Energy, and American Electric Power.
Covenant Health Ransomware Breach Impacts 478,000 Individuals Across Multiple States
In May 2025, a ransomware attack by the Qilin group on Covenant Health compromised sensitive data of over 478,000 individuals at the healthcare organization located ...
RondoDox Botnet Utilizes React2Shell Vulnerability to Infiltrate Servers
RondoDox is exploiting the React2Shell flaw in Next.js to gain remote code execution, deploy malware, and install cryptominers. The campaign highlights how unpatched web frameworks ...
New Variant of Shai Hulud Malware Found in npm Registry
Cybersecurity experts uncover a new Shai Hulud malware strain in the npm registry, stressing the importance of vigilant security practices within open-source ecosystems.
BlackCat Ransomware Campaign Culminates in Guilty Pleas from Ex-Employees
Ex-Sygnia and DigitalMint employees confessed to deploying BlackCat ransomware against U.S. companies in 2023, using their insider knowledge for malicious aims.
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
Oltenia Energy Complex, Romania's primary coal-based energy producer, faced a ransomware attack on the second day of Christmas, severely impacting its IT infrastructure and highlighting ...
MacSync Malware Distributed via Signed Swift Application
The evolution of MacSync malware allows seamless operation without requiring direct user terminal interaction. Distribution via a signed Swift application has enabled threat actors to ...
Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in U.S.
Artem Stryzhak, an alleged affiliate of the Nefilim ransomware group, has pleaded guilty to conspiracy to commit computer fraud in the United States. Extradited earlier ...
Clop Ransomware Breach Compromises University of Phoenix Data
The personal information of nearly 3.5 million University of Phoenix students, staff, and suppliers has been compromised due to a network breach by the Clop ...
The Kimwolf Android Botnet Poses a Significant Threat to Mobile Security
The Kimwolf Android botnet, uncovered by XLab, has compromised more than 1.8 million devices globally. With over 1.7 billion DDoS commands issued, this malicious network ...
Covenant Health Ransomware Breach Impacts 478,000 Individuals Across Multiple States
January 5, 2026
In May 2025, a ransomware attack by the Qilin group on Covenant Health compromised sensitive data of over 478,000 individuals
RondoDox Botnet Utilizes React2Shell Vulnerability to Infiltrate Servers
January 5, 2026
RondoDox is exploiting the React2Shell flaw in Next.js to gain remote code execution, deploy malware, and install cryptominers. The campaign
New Variant of Shai Hulud Malware Found in npm Registry
January 5, 2026
Cybersecurity experts uncover a new Shai Hulud malware strain in the npm registry, stressing the importance of vigilant security practices
BlackCat Ransomware Campaign Culminates in Guilty Pleas from Ex-Employees
December 31, 2025
Ex-Sygnia and DigitalMint employees confessed to deploying BlackCat ransomware against U.S. companies in 2023, using their insider knowledge for malicious
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
December 29, 2025
Oltenia Energy Complex, Romania’s primary coal-based energy producer, faced a ransomware attack on the second day of Christmas, severely impacting
MacSync Malware Distributed via Signed Swift Application
December 22, 2025
The evolution of MacSync malware allows seamless operation without requiring direct user terminal interaction. Distribution via a signed Swift application
Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in U.S.
December 22, 2025
Artem Stryzhak, an alleged affiliate of the Nefilim ransomware group, has pleaded guilty to conspiracy to commit computer fraud in
Clop Ransomware Breach Compromises University of Phoenix Data
December 22, 2025
The personal information of nearly 3.5 million University of Phoenix students, staff, and suppliers has been compromised due to a
The Kimwolf Android Botnet Poses a Significant Threat to Mobile Security
December 22, 2025
The Kimwolf Android botnet, uncovered by XLab, has compromised more than 1.8 million devices globally. With over 1.7 billion DDoS
Threat actors
Termite Ransomware: The Silent Invader
July 22, 2025
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz,
SafePay Ransomware: LockBit’s Lonewolf Ghost
July 15, 2025
SafePay is a centralized ransomware group leveraging LockBit-derived code, stealthy infiltration, and rapid encryption—targeting SMEs and MSPs globally without using
Scattered Spider: The Threat You Think You Know
June 25, 2025
Scattered Spider isn’t a single group but a sprawling web of identity-based attackers exploiting help desks, MFA gaps, and cloud
Anubis Ransomware: A Destructive, Cross-Platform Threat
June 24, 2025
Anubis ransomware combines encryption and file-wiping capabilities, targeting Windows, Linux, and NAS systems with stealthy command-line execution and affiliate-driven campaigns
BlackSuit (Royal) Ransomware: Conti Ransomware Reborn
June 11, 2025
BlackSuit, formerly Royal, is a sophisticated ransomware group using multi-vector attacks, partial encryption, and double extortion to target global organizations,
INC Ransomware: Master of Double Extortion
June 10, 2025
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational
Scattered Spider: A Web of Social Engineering
June 9, 2025
Scattered Spider, also known as UNC3944, is a financially motivated cybercriminal group known for its sophisticated social engineering tactics and
APT40: Chinese State Sponsored APT
June 5, 2025
APT40, also known as ATK29, BRONZE MOHAWK, G0065, GADOLINIUM, Gingham Typhoon, ISLANDDREAMS, ITG09, KRYPTONITE PANDA, Leviathan, MUDCARP, Red Ladon, TA423,
GhostSec: From Hacktivist Roots to RaaS Powerhouse
June 4, 2025
GhostSec evolved from anti-ISIS hacktivists into a global ransomware threat, deploying GhostLocker via RaaS and targeting critical infrastructure with sophisticated,
Sodinokibi/REvil Ransomware: The Evasive Threat
May 5, 2025
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April
Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation
April 23, 2025
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics,
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
April 22, 2025
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance,
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.