17 articles and related resources
Two former cybersecurity professionals have been convicted for orchestrating ransomware attacks using the BlackCat malware, highlighting the risks of insider th
Former ransomware negotiator Angelo Martino pleads guilty to conspiring with BlackCat ransomware group, highlighting insider threats in cybersecurity.
BlackNevas ransomware targeted a Hong Kong lifestyle brand, leading to data exfiltration and operational disruptions, highlighting the need for robust cybersecu
In April 2026, a ransomware campaign exploited Veeam Backup & Replication vulnerabilities, leading to significant data loss and operational disruptions.
Iranian state-sponsored group MuddyWater exploited Microsoft Teams in a sophisticated cyber-espionage campaign, deploying Chaos ransomware as a false flag to ex
Over 415,000 RDP servers are exposed online, posing a significant security risk, with the US and China leading in instances.
The Gentlemen ransomware, a rapidly expanding RaaS operation since June 2025, poses significant global threats with its cross-platform capabilities.
The Warlock ransomware group has rapidly escalated its operations, posing a severe threat to governments and enterprises worldwide.
The British Library has been targeted by the Rhysida ransomware group, resulting in the encryption of critical data and raising concerns about cybersecurity in
Microsoft identifies Storm-2755, a threat actor targeting Canadian payroll systems to divert employee salaries.
Iranian-linked APT groups escalate ransomware attacks on Middle East critical infrastructure, targeting sectors like government, telecom, defense, and banking.
Microsoft identifies Storm-1175 exploiting zero-day vulnerabilities to deploy Medusa ransomware within 24 hours, targeting multiple sectors globally.
Storm-1175 exploits web vulnerabilities to deploy Medusa ransomware rapidly, emphasizing the need for robust cybersecurity measures.
Interlock ransomware exploits CVE-2026-20131 in Cisco Secure Firewall, leading to unauthorized access and data encryption. Organizations urged to apply patches
In February 2026, the Iranian-linked ransomware group Pay2Key targeted a U.S. healthcare organization, highlighting the ongoing cyber threats to critical infras
On March 11, 2026, the Iranian-linked hacker group Handala launched a significant cyberattack against Stryker Corporation, disrupting global operations and affe
In September 2025, the Maryland Department of Transportation suffered a ransomware attack by the Rhysida group, exposing sensitive data and disrupting services.
Cl0p ransomware exploits Oracle EBS zero-day vulnerabilities, compromising sensitive data across numerous enterprises and highlighting the need for robust cyber
CloudSEK's new guide offers 12 expert tips to help businesses prevent ransomware attacks, including patch management, MFA, and network segmentation.