- A fully operational TheGentlemen ransomware toolkit on an exposed server, revealing victim credentials, ngrok tokens, and a complete pre-encryption playbook. This led them to an unauthenticated HTTP server at 176.120.22[.]127:80, hosted by Russian bull…
- Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files…
- Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Wi…
- A United States federal court has sentenced Aleksei Volkov, a 26-year-old Russian national, to 81 months in prison for operating as an initial access broker. Volkov played a critical part in enabling major cybercrime syndicates, including the Yanluowan…
- A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language.
- LeakNet is scaling its ransomware operation by pairing mass-market ClickFix lures with a stealthy Deno-based loader that executes almost entirely in memory, shrinking the window for defenders to intervene. Ransomware operator LeakNet is currently avera…
- Google is warning that ransomware gangs are reinventing their business model as traditional encryption‑for‑ransom attacks become less profitable and data‑theft extortion surges. Better cybersecurity controls, improved backup strategies, and stronger r…
- A new ransomware operation called Payload is rapidly emerging as a serious threat to both Windows and VMware ESXi environments, combining Babuk-style cryptography with aggressive anti-forensics and a working double-extortion model. The group claims to …
- Ransomware group Hive0163 is experimenting with a likely AI-generated malware framework, dubbed “Slopoly,” marking a visible shift toward AI-assisted tooling in attacks. While the malware itself is simple, its use shows how quickly threat actors can no…
- An unprecedented international law enforcement effort has successfully dismantled a massive cybercrime network. Coordinated by INTERPOL, the initiative targeted critical infrastructure used in phishing, malware, and ransomware campaigns worldwide. Oper…


