-
US cybersecurity experts plead guilty to BlackCat ransomware attacks
Two former employees of cybersecurity incident response companies Sygnia and DigitalMint have pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023.
- December 30, 2025
- 10:25 AM
2
-
Romanian energy provider hit by Gentlemen ransomware attack
A ransomware attack hit Oltenia Energy Complex (Complexul Energetic Oltenia), Romania's largest coal-based energy producer, on the second day of Christmas, taking down its IT infrastructure.
- December 29, 2025
- 09:26 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Interpol-led action decrypts 6 ransomware strains, arrests hundreds
An Interpol-coordinated initiative called Operation Sentinel led to the arrest of 574 individuals and the recovery of $3 million linked to business email compromise, extortion, and ransomware incidents.
- December 22, 2025
- 01:38 PM
- 0
-
Romanian water authority hit by ransomware attack over weekend
Romanian Waters (Administrația Națională Apele Române), the country's water management authority, was hit by a ransomware attack over the weekend.
- December 22, 2025
- 10:25 AM
- 0
-
University of Phoenix data breach impacts nearly 3.5 million individuals
The Clop ransomware gang has stolen the data of nearly 3.5 million University of Phoenix (UoPX) students, staff, and suppliers after breaching the university's network in August.
- December 22, 2025
- 09:18 AM
- 1
-
Ukrainian hacker admits affiliate role in Nefilim ransomware gang
A Ukrainian national pleaded guilty on Friday to conducting Nefilim ransomware attacks that targeted high-revenue businesses across the United States and other countries.
- December 22, 2025
- 04:46 AM
- 0
-
RansomHouse upgrades encryption with multi-layered data processing
The RansomHouse ransomware-as-a-service (RaaS) has recently upgraded its encryptor, switching from a relatively simple single-phase linear technique to a more complex, multi-layered method.
- December 20, 2025
- 10:23 AM
- 0
-
Clop ransomware targets Gladinet CentreStack in data theft attacks
The Clop ransomware gang is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion campaign.
- December 18, 2025
- 03:16 PM
- 0
-
US seizes E-Note crypto exchange for laundering ransomware payments
Law enforcement has seized the servers and domains of the E-Note cryptocurrency exchange, allegedly used by cybercriminal groups to launder more than $70 million.
- December 18, 2025
- 11:13 AM
- 0
-
Critical React2Shell flaw exploited in ransomware attacks
A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later.
- December 17, 2025
- 11:09 AM
- 0
-
The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet
Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once. Drawing on real-world incident data, Huntress explains how attackers exploit visibility gaps at the hypervisor layer and outlines steps orgs can take to harden virtualization infrastructure.
- December 16, 2025
- 10:01 AM
- 0
-
Askul confirms theft of 740k customer records in ransomware attack
Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October.
- December 15, 2025
- 06:13 PM
- 0
-
CyberVolk’s ransomware debut stumbles on cryptography weakness
The pro-Russia hacktivist group CyberVolk launched a ransomware-as-a-service (RaaS) called VolkLocker that suffered from serious implementation flaws, allowing victims to potentially decrypt files for free.
- December 13, 2025
- 10:11 AM
- 0
-
Ransomware IAB abuses EDR for stealthy malware execution
An initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft Windows utilities to load malware, establish communication, and persistence in preparation for ransomware attacks.
- December 09, 2025
- 10:24 AM
- 0
-
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR (endpoint detection and response) killing operations.
- December 08, 2025
- 07:00 PM
- 0
-
FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024
A new report by the Financial Crimes Enforcement Network (FinCEN) shows that ransomware activity peaked in 2023 before falling in 2024, following a series of law enforcement actions targeting the ALPHV/BlackCat and LockBit ransomware gangs.
- December 08, 2025
- 04:07 PM
- 0
-
Barts Health NHS discloses data breach after Oracle zero-day hack
Barts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a vulnerability in its Oracle E-business Suite software.
- December 05, 2025
- 01:55 PM
- 0
-
Pharma firm Inotiv discloses data breach after ransomware attack
American pharmaceutical firm Inotiv is notifying thousands of people that their personal information was stolen in an August 2025 ransomware attack.
- December 05, 2025
- 08:05 AM
- 2
-
Marquis data breach impacts over 74 US banks, credit unions
Financial software provider Marquis Software Solutions is warning that it suffered a data breach that impacted dozens of banks and credit unions across the US.
- December 03, 2025
- 05:06 PM
- 1
-
Deep dive into DragonForce ransomware and its Scattered Spider connection
DragonForce expanded its ransomware operation in 2025 by working with English-speaking hackers known for advanced social engineering and initial access. Acronis explains how the "Scattered Spider" collaboration enables coordinated, multistage intrusions across major environments.
- December 03, 2025
- 10:05 AM
- 0
0
