FortiBleed credential-theft campaign linked to Lynx ransomware
The massive FortiBleed credential theft campaign has been linked to the INC and Lynx ransomware operations, suggesting the stolen Fortinet credentials were i...
20 articles
The massive FortiBleed credential theft campaign has been linked to the INC and Lynx ransomware operations, suggesting the stolen Fortinet credentials were i...
Ransomware-proof backup planning helps IT teams protect clean data copies, isolate storage, test recovery, and keep operations running after cyber attacks fast.
Fake Interpol investigation emails are targeting small businesses with Proton Drive links that deliver ransomware, encrypt files, and route victims to Tox chat.
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-ma...
CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-...
Research by: Alexey Bukhteyev Key Takeaways Introduction Over the past several years, large language models have reshaped software development, and malware d...
Hackers increasingly rely on vulnerable, legitimately signed Windows drivers to neutralize endpoint defenses, turning defense evasion into a decisive phase o...
Police arrested the alleged admin of XSS.is, a major cybercrime forum whose trusted escrow service helped power the underground economy.
BumbleBee and AdaptixC2 are being used in a highly efficient intrusion chain that starts with Bing SEO poisoning and ends with Akira ransomware deployment, s...
SystemBC (also tracked as Coroxy) remains a versatile and persistent Windows malware family that operators routinely deploy to convert compromised hosts into...
The Blackfield ransomware gang is asking for a $2 million ransom from Nidec Corporation, a large Japanese manufacturer of electronic components for automotiv...
From outsourced labor to tiered pricing models, an inside look at how today's top ransomware threats operate less like rogue hackers and more like Fortune 50...
Report Fraud data reveals that more than half of 323 UK ransomware victims last year were SMEs
Kaspersky researchers analyze incidents related to The Gentlemen RaaS group, disclose their tools and TTPs, and find a new ransomware variant.
Woodgnat Hackers use Backdoor.Mistic, a stealthy RAT, to let brokers compromise networks and sell entry points to ransomware groups, putting firms at risk.
I work as a principal specialist at a pipeline operator where Operational Technology (OT) is the backbone of the business. I do not report to the board or ac...
Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for atta...
The Edgecution malware exploits the Chrome Native Messaging protocol to enable communication between browser extensions and native desktop applications.
Mistic is a stealthy backdoor used by KongTuke-linked actors to keep long-term access in ransomware-targeted networks. Mistic is the kind of backdoor that te...
A relatively new backdoor called Mistic has been deployed in multiple attacks since April 2026 targeting organizations in the insurance, education, IT, and p...