26 articles and related resources
Vect and TeamPCP's alliance marks a new era in ransomware, combining credential theft with advanced deployment for industrialized attacks.
The FortiBleed credential-harvesting campaign has been linked to INC and Lynx ransomware attacks, emphasizing the need for enhanced network security measures.
In June 2026, the Qilin ransomware group exploited a critical zero-day vulnerability in Check Point VPNs, CVE-2026-50751, to infiltrate corporate networks globa
In June 2026, the Cl0p ransomware group exploited a critical vulnerability in MOVEit Transfer, leading to significant data breaches across multiple organization
In June 2026, the Qilin ransomware group launched a series of aggressive cyberattacks, claiming 15 new victims across nine countries within a 72-hour period.
DragonForce ransomware exploited Microsoft Teams' relay servers to stealthily infiltrate a major U.S. services firm, highlighting evolving cyberattack tactics.
Check Point's critical VPN vulnerability CVE-2026-50751 has been exploited by the Qilin ransomware group, prompting urgent patching and security measures.
The Silent Ransom Group's blend of cyber and physical intrusions highlights the evolving threat landscape, necessitating comprehensive security measures.
The Gentlemen ransomware has rapidly escalated into a significant global cyber threat, compromising over 320 victims by April 2026.
NoName057(16) launches 'Patriotic Online Games,' targeting European entities supporting Ukraine through cyberattacks.
Microsoft's recent takedown of Fox Tempest, a malware-signing-as-a-service platform, marks a significant step in protecting critical sectors from sophisticated
The Gentlemen ransomware has rapidly become the second most active RaaS operation in 2026, exploiting FortiGate and Cisco vulnerabilities to target critical sec
Cl0p ransomware exploits zero-day vulnerabilities in MFT software, compromising thousands of organizations and highlighting the need for enhanced cybersecurity
Foxconn confirms a ransomware attack by Nitrogen, disrupting North American operations and compromising 8TB of sensitive data.
Two former cybersecurity professionals have been convicted for orchestrating ransomware attacks using the BlackCat malware, highlighting the risks of insider th
Former ransomware negotiator Angelo Martino pleads guilty to conspiring with BlackCat ransomware group, highlighting insider threats in cybersecurity.
BlackNevas ransomware targeted a Hong Kong lifestyle brand, leading to data exfiltration and operational disruptions, highlighting the need for robust cybersecu
In April 2026, a ransomware campaign exploited Veeam Backup & Replication vulnerabilities, leading to significant data loss and operational disruptions.
Iranian state-sponsored group MuddyWater exploited Microsoft Teams in a sophisticated cyber-espionage campaign, deploying Chaos ransomware as a false flag to ex
Over 415,000 RDP servers are exposed online, posing a significant security risk, with the US and China leading in instances.
The Gentlemen ransomware, a rapidly expanding RaaS operation since June 2025, poses significant global threats with its cross-platform capabilities.
The Warlock ransomware group has rapidly escalated its operations, posing a severe threat to governments and enterprises worldwide.
The British Library has been targeted by the Rhysida ransomware group, resulting in the encryption of critical data and raising concerns about cybersecurity in
Microsoft identifies Storm-2755, a threat actor targeting Canadian payroll systems to divert employee salaries.
Iranian-linked APT groups escalate ransomware attacks on Middle East critical infrastructure, targeting sectors like government, telecom, defense, and banking.
Microsoft identifies Storm-1175 exploiting zero-day vulnerabilities to deploy Medusa ransomware within 24 hours, targeting multiple sectors globally.
Storm-1175 exploits web vulnerabilities to deploy Medusa ransomware rapidly, emphasizing the need for robust cybersecurity measures.
Interlock ransomware exploits CVE-2026-20131 in Cisco Secure Firewall, leading to unauthorized access and data encryption. Organizations urged to apply patches
In February 2026, the Iranian-linked ransomware group Pay2Key targeted a U.S. healthcare organization, highlighting the ongoing cyber threats to critical infras
On March 11, 2026, the Iranian-linked hacker group Handala launched a significant cyberattack against Stryker Corporation, disrupting global operations and affe
In September 2025, the Maryland Department of Transportation suffered a ransomware attack by the Rhysida group, exposing sensitive data and disrupting services.
Cl0p ransomware exploits Oracle EBS zero-day vulnerabilities, compromising sensitive data across numerous enterprises and highlighting the need for robust cyber
CloudSEK's new guide offers 12 expert tips to help businesses prevent ransomware attacks, including patch management, MFA, and network segmentation.