Main Menu

Threat Actor

GhostSec – From Hacktivist to Ransomware Warlord
Threat Actor
GhostSec – From Hacktivist to Ransomware Warlord
September 30, 2025
GhostSec evolved from hacktivist roots into a hybrid ransomware threat, using GhostLocker to target global sectors with encryption, extortion, and high-impact double-extortion campaigns.
Warlock Group / GOLD SALEM (aka Storm-2603) — Threat Profile
Threat Actor
Warlock Group / GOLD SALEM (aka Storm-2603) — Threat Profile
September 25, 2025
This threat actor profile examines the Warlock ransomware group, tracked as Storm-2603 and GOLD SALEM. Active since March 2025, Warlock exploits Microsoft SharePoint vulnerabilities to ...
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
Cybersecurity
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
September 3, 2025
Hackers calling themselves Scattered LapSus Hunters threatened to leak Google databases unless two employees are dismissed, linking their demand to recent Salesforce-driven phishing attacks.
Lynx Ransomware: INC Ransomware Reincarnated
Resources
Lynx Ransomware: INC Ransomware Reincarnated
July 29, 2025
The Lynx ransomware group is a financially motivated threat actor operating under a Ransomware-as-a-Service (RaaS) model. Emerging as a successor to the INC ransomware group ...
Fog Ransomware: Data in the Mist
Resources
Fog Ransomware: Data in the Mist
July 24, 2025
Fog ransomware, a prolific and secretive threat actor, targets organizations globally, deploying sophisticated multi-stage attacks resulting in data encryption and exfiltration. Victims span various sectors. ...
Termite Ransomware: The Silent Invader
Resources
Termite Ransomware: The Silent Invader
July 22, 2025
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz, highlighting its broad reach and ...
INC Ransomware: TTPs, Impact and Mitigation
Blog
INC Ransomware: TTPs, Impact and Mitigation
June 30, 2025
INC Ransomware is a sophisticated threat actor employing advanced techniques for devastating double extortion attacks. This in-depth analysis reveals their methods, targets, and the critical ...
BlackSuit (Royal) Ransomware: Conti Ransomware Reborn
Resources
BlackSuit (Royal) Ransomware: Conti Ransomware Reborn
June 11, 2025
BlackSuit, formerly Royal, is a sophisticated ransomware group using multi-vector attacks, partial encryption, and double extortion to target global organizations, including critical infrastructure. Their operations ...
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
June 10, 2025
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational networks. They exhibit a high ...
Sodinokibi/REvil Ransomware: The Evasive Threat
Threat Actor
Sodinokibi/REvil Ransomware: The Evasive Threat
May 5, 2025
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April ...
Load More
Trending
UpCrypter Phishing Campaign Exploits Fake Emails to Deliver RAT Payloads
Deepfake Vishing Incidents Surge by 170% in Q2 2025
ClickFix Phishing Campaign Targets Booking.com Using Infostealers and RATs
Darcula PhaaS 3.0 Auto-Generates Phishing Kits for Any Brand
Sophisticated Gmail Attacks Target Users: FBI Issues “Do Not Click” Alert
This Facebook Phishing Attack Could Steal EVERYTHING!
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.