-
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens to…
-
Interlock ransomware operators have been observed using a new process‑killing tool that abuses a zero‑day flaw in a gaming anti‑cheat kernel driver to try to shut down endpoint defenses (EDR/AV). The activity was documented during an intrusion agains…
-
Everest ransomware claims a breach involving legacy Polycom systems later acquired by HP Inc., alleging the theft of 90GB of internal data.
-
A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators…
-
A widespread ransomware campaign targeting misconfigured MongoDB databases continues to compromise thousands of servers worldwide, with attackers exploiting internet-exposed instances that lack basic authentication controls. Recent research reveals tha…
-
As users continue to assess the Under Armour data breach, WorldLeaks, the rebranded version of the Hunters International…
-
A newly discovered ransomware family, Osiris, targeted a major foodservice franchisee in Southeast Asia in November 2025. Despite sharing a name with a 2016 Locky ransomware variant, security researchers confirm this represents an entirely new threat w…
-
The LockBit 5.0 affiliate panel provides unprecedented visibility into the infrastructure of one of the world’s most notorious ransomware-as-a-service (RaaS) operations. Following the high-profile Operation Cronos disruption, security researchers have…
-
A sophisticated campaign has weaponized over 2,500 variants of a legitimate security driver to disable endpoint protection before deploying ransomware and remote access trojans. Attackers are abusing truesight.sys, a kernel-mode driver from Adlice Soft…
-
The notorious Everest ransomware group is claiming to have breached McDonald’s India, the Indian subsidiary of the American…


