The leaks tied to the BlackBasta ransomware group and Russian hosting company Media Land pulled back the curtain on something defenders rarely get to see: the internal machinery and people behind a major ransomware operation. In February 2025, an unkno…

Security researchers have published an in‑depth technical analysis of the DragonForce ransomware operation, along with details of working decryptors for both Windows and ESXi systems targeting specific victims. By the time its dedicated Data Leak Site …

Large language models are not fundamentally transforming ransomware operations. However, they are dramatically accelerating the threat landscape through measurable gains in speed, volume, and multilingual capabilities. According to SentinelLABS researc…

Arctic Wolf Labs has uncovered a new ransomware variant dubbed “Fog” striking US organizations, primarily in education and recreation, through hijacked VPN access. First spotted on May 2, 2024, the attacks highlight vulnerabilities in remot…

Ransomware attacks don’t begin with encryption. They start with reconnaissance and security researchers just documented a significant reconnaissance operation that unfolded over the Christmas holiday. Between December 25 and 28, a single operator…

The cyber threat environment in Australia and New Zealand has entered a critical phase throughout 2025, marked by a dramatic surge in initial access sales, sophisticated ransomware operations, and widespread data breaches affecting essential sectors. A…

A sophisticated new ransomware variant, CrazyHunter, has emerged as a critical threat to the healthcare sector, employing advanced anti-malware evasion techniques and rapid network propagation that have security researchers deeply concerned. Trellix, w…

LockBit has solidified its position as the most prolific ransomware-as-a-service (RaaS) operation globally, accounting for approximately 21% of all documented ransomware attacks in 2023, following its dominance of 30.25% during the 2021-2022 period. Th…