-
Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VECT 2.0 ransomware can leave victims with files that even the attacker’s own decryptor cannot reliably restore. While researchers previously exposed a cross-platform design flaw that discards nonces for earlier parts of large files, our Windows-focuse…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Payouts King ransomware has emerged as a notable post-BlackBasta threat, leveraging advanced obfuscation and direct system calls to evade endpoint detection and response (EDR) solutions. Threat activity observed in early 2026 shows strong overlaps with…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly analyzed leak tied to The Gentlemen ransomware group reveals how modern ransomware operations are evolving in structure and tooling while relying on the same proven intrusion techniques seen over the past four years. The leak also highlights op…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly analyzed ransomware strain, “The Gentlemen,” is raising concern among security researchers due to its ability to combine strong encryption with aggressive lateral movement. What makes this threat particularly dangerous is its use of SYSTEM-leve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Defender XDR has introduced automatic attack disruption capabilities that autonomously contain ransomware and sophisticated cyberattacks in real-time by isolating compromised assets. This advanced feature correlates millions of security signa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NightSpire has quickly emerged as a significant ransomware threat since its discovery in early 2025, combining classic double-extortion tactics with stealthy intrusion techniques. The malware not only encrypts victim data but also exfiltrates sensitive…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Payload ransomware is a new Windows ransomware family that combines ChaCha20 stream encryption with per-file Curve25519 ECDH key exchange, making victim data effectively unrecoverable without the attackers’ private key. It also implements strong anti-f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Authorities in Europe have dismantled a major criminal VPN service known as “First VPN,” which was widely used by ransomware operators and cybercriminal groups to conceal their activities. The coordinated operation, led by French and Dutch authorities …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
