Qilin Dominates Ransomware Market Amid Growing Cybercrime Consolidation
The ransomware landscape is reconsolidating around major players, with Qilin emerging as the leading RaaS operation, researchers say
20 articles
The ransomware landscape is reconsolidating around major players, with Qilin emerging as the leading RaaS operation, researchers say
Researchers warn that collaboration could lead to “unprecedented” ransomware attacks, as FBI also issues warning
Sysdig reports an AI agent ran a full ransomware attack end-to-end, exploiting flaws, stealing creds, moving laterally, and encrypting data without humans. S...
Attack demonstrates how LLM agents can combine known exploitation techniques with real-time reasoning to automate complex, multi-stage intrusions. The post A...
The LLM fixed a failed login attempt within 31 seconds, demonstrating real-time adaptability.
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initia...
Who Are The Gentlemen? Despite the impeccably polite name, there is nothing polite or refined about this particular gang of cybercriminals.
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways.
Researchers say credentials harvested from hundreds of thousands of FortiGate firewalls are being used to facilitate ransomware attacks by the INC and Lynx o...
Bitdefender researchers warned of curious ransomware campaign which has targeted businesses around the world
The campaign targets small businesses with fearmongering emails.
FortiBleed exposed 430,000 FortiGate firewalls, linked to INC Ransom and Lynx, enabling domain compromise and at least 12 ransomware attacks. SOCRadar’s Thre...
A new Sysdig report traces how an LLM agent abused a Langflow flaw, stole credentials, reached production MySQL, and destroyed Nacos config data in minutes f...
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team call...
The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, st...
The first instance of agentic ransomware: JADEPUFFER, an LLM-driven extortion operation that automated an end-to-end database-crippling campaign.
Hacking gear that once sat in well-funded labs now ships to anyone with a credit card and a video tutorial. Frank Riccardi builds his consumer guide, CTRL+AL...
A novel, practical ransomware technique that runs entirely inside the browser by abusing the File System Access API, demonstrating how AI can turn high-level...
A direct operational link between the large-scale FortiBleed credential-harvesting campaign and two active ransomware-as-a-service (RaaS) groups: INC Ransom ...
Corporate networks keep sensitive files off individual workstations and store them on shared servers that staff reach through mapped network drives. That arr...