-
Volkswagen Group is investigating claims from the 8Base ransomware group, which asserts it has stolen sensitive company data. While the German automaker has stated that its core IT systems are secure, its response leaves open the possibility of a breac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Qilin ransomware–an increasingly prolific ransomware-as-a-service (RaaS) operation–has intensified its global extortion campaigns by exploiting a covert network of bulletproof hosting (BPH) providers. These rogue hosting services, often headquartered i…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A major manufacturing company fell victim to a swift and devastating ransomware attack after threat actors gained access using just one set of stolen VPN credentials. The attack, carried out by the cybercrime group Ignoble Scorpius, culminated in wides…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The BlackSuit ransomware group, tracked as Ignoble Scorpius by cybersecurity experts, devastated a prominent manufacturer’s operations. The attack, detailed in a recent Unit 42 report from Palo Alto Networks, began with something as simple as compromised VPN credentials, escalating into widespread encryption and data theft that could have cost millions. This incident underscores the escalating […] The post BlackSuit Ransomware Actors Breached Corporate Environment, Including 60+ VMware ESXi Hosts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in Rapid7 Velociraptor to its Known Exploited Vulnerabilities catalogue, warning that threat actors are actively exploiting the flaw in ransomware attacks. The vuln…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August 2025. Despite a patch release the same day, many organizations remained vulnerable, allowing threat actors to gain…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
LLM-enabled malware poses new challenges for detection and threat hunting as malicious logic can be generated at runtime rather than embedded in code. Our research discovered hitherto unknown samples, and what may be the earliest example known to date …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have identified what is believed to be the earliest known instance of malware that leverages a Large Language Model (LLM) to generate malicious code at runtime. Dubbed ‘MalTerminal’ by SentinelLABS, the malware uses OpenAI’s GPT-4 to dynamically create ransomware code and reverse shells, presenting a new and formidable challenge for detection and threat […] The post LLM-enabled MalTerminal Malware Leverages GPT-4 to Generate Ransomware Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Organizations using Oracle E-Business Suite must apply the October 4 emergency patches immediately to mitigate active, in-the-wild exploitation by CL0P extortion actors and hunt for malicious templates in their databases. Beginning September 29, 2025, …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks. This marks the first definitive link between a legitimate security tool and a ransomware incident. The campaign, which deployed three separate ransomware strains, is attributed with moderate confidence to […] The post Hackers Exploit DFIR Tool ‘Velociraptor’ in Ransomware Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
