-
RansomHouse upgrades encryption with multi-layered data processing
The RansomHouse ransomware-as-a-service (RaaS) has recently upgraded its encryptor, switching from a relatively simple single-phase linear technique to a more complex, multi-layered method.
- December 20, 2025
- 10:23 AM
0
-
CyberVolk’s ransomware debut stumbles on cryptography weakness
The pro-Russia hacktivist group CyberVolk launched a ransomware-as-a-service (RaaS) called VolkLocker that suffered from serious implementation flaws, allowing victims to potentially decrypt files for free.
- December 13, 2025
- 10:11 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters
An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation.
- November 19, 2025
- 08:01 AM
- 0
-
CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks.
- November 13, 2025
- 05:32 PM
- 0
-
Qilin ransomware abuses WSL to run Linux encryptors in Windows
The Qilin ransomware operation was spotted executing Linux encryptors in Windows using Windows Subsystem for Linux (WSL) to evade detection by traditional security tools.
- October 28, 2025
- 03:11 PM
- 0
-
UK govt backs JLR with £1.5 billion loan guarantee after cyberattack
The UK Government is providing Jaguar Land Rover (JLR) with a £1.5 billion loan guarantee to restore its supply chain after a catastrophic cyberattack forced the automaker to halt production.
- September 29, 2025
- 12:31 PM
- 2
-
VanHelsing ransomware builder leaked on hacking forum
The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell it on the RAMP cybercrime forum.
- May 20, 2025
- 03:06 PM
- 0
-
US charges Russian-Israeli as suspected LockBit ransomware coder
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group.
- December 20, 2024
- 11:48 AM
- 0
-
Meet Interlock — The new ransomware targeting FreeBSD servers
A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers.
- November 03, 2024
- 04:09 PM
- 4
-
Halliburton cyberattack linked to RansomHub ransomware gang
The RansomHub ransomware gang is behind the recent cyberattack on oil and gas services giant Halliburton, which disrupted the company's IT systems and business operations.
- August 29, 2024
- 05:06 PM
- 0
-
Surge in Magniber ransomware attacks impact home users worldwide
A massive Magniber ransomware campaign is underway, encrypting home users' devices worldwide and demanding thousand-dollar ransoms to receive a decryptor.
- August 04, 2024
- 10:17 AM
- 2
-
LockBit ransomware returns to attacks with new encryptors, servers
The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption.
- February 28, 2024
- 01:31 PM
- 0
-
LockBit ransomware secretly building next-gen encryptor before takedown
LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev - likely a future LockBit 4.0, when law enforcement took down the cybercriminal's infrastructure earlier this week.
- February 22, 2024
- 08:51 AM
- 0
-
Linux version of Qilin ransomware focuses on VMware ESXi
A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the most advanced and customizable Linux encryptors seen to date.
- December 03, 2023
- 04:07 PM
- 0
-
VX-Underground malware collective framed by Phobos ransomware
A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor.
- November 20, 2023
- 03:42 PM
- 0
-
HelloKitty ransomware source code leaked on hacking forum
A threat actor has leaked the complete source code for the first version of the HelloKitty ransomware on a Russian-speaking hacking forum, claiming to be developing a new, more powerful encryptor.
- October 09, 2023
- 08:25 AM
- 0
-
The Week in Ransomware - August 18th 2023 - LockBit on Thin Ice
While there was quite a bit of ransomware news this week, the highlighted story was the release of Jon DiMaggio's third article in the Ransomware Diaries series, with the focus of this article on the LockBit ransomware operation.
- August 18, 2023
- 05:07 PM
- 0
-
Microsoft: BlackCat's Sphynx ransomware embeds Impacket, RemCom
Microsoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network.
- August 17, 2023
- 06:05 PM
- 0
-
Monti ransomware targets VMware ESXi servers with new Linux locker
The Monti ransomware has returned to action after a two-month hiatus, now targeting primarily legal and government organizations, and VMware ESXi servers using a new Linux variant that is vastly different from its predecessors.
- August 14, 2023
- 12:12 PM
- 0
-
Linux version of Abyss Locker ransomware targets VMware ESXi servers
The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise.
- July 29, 2023
- 11:17 AM
- 0
0
- 1
- 2
