-
A sophisticated ransomware operation known as Cephalus has emerged as a significant cybersecurity threat since mid-2025, exploiting exposed Remote Desktop Protocol (RDP) services to breach organizations worldwide. Developed in the Go programming langua…
-
A high-volume phishing campaign leveraging the Phorpiex botnet has been distributing GLOBAL GROUP ransomware through weaponized Windows shortcut files. The attack begins with an email attachment named Document.doc.lnk. Windows’ default behavior o…
-
Global Group ransomware is delivered through phishing emails and can encrypt files offline without any internet connection.
-
A recent campaign by the Black Basta ransomware group has revealed a significant shift in attack tactics. This is a departure from standard operations, where attackers typically deploy a separate tool to turn off security software before running the ac…
-
ShadowSyndicate, a sophisticated cybercrime cluster first identified in 2023, has evolved its infrastructure management tactics by implementing a previously unreported server transition technique. This method involves rotating SSH fingerprints across m…
-
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens to…
-
Interlock ransomware operators have been observed using a new process‑killing tool that abuses a zero‑day flaw in a gaming anti‑cheat kernel driver to try to shut down endpoint defenses (EDR/AV). The activity was documented during an intrusion agains…
-
Everest ransomware claims a breach involving legacy Polycom systems later acquired by HP Inc., alleging the theft of 90GB of internal data.
-
A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators…
-
A widespread ransomware campaign targeting misconfigured MongoDB databases continues to compromise thousands of servers worldwide, with attackers exploiting internet-exposed instances that lack basic authentication controls. Recent research reveals tha…


