MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack i...
Ransomware
20 articles
Iranian APT Intrusion Masquerades as Chaos Ransomware Attack
Likely perpetrated by MuddyWater, the attack combined social engineering, persistence, credential harvesting, and data theft. The post Iranian APT Intrusion ...
Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign
Rapid7 reveals an Iranian false flag operation masquerading as a Chaos ransomware attack
Threat Activity Enablers: The Backbone of Today’s Threat Landscape
Behind every ransomware demand, botnet, or threat activity group is a server sitting in a data center.
U.S. court sentences Karakurt ransomware negotiator to 8.5 years
Deniss Zolotarjovs was sentenced to 8.5 years in the U.
Latvian national sentenced for ransomware attacks run by former Conti leaders
Deniss Zolotarjovs was mostly tasked with putting pressure on the Russia-based crew’s victims, in one case leaking hundreds of children’s health records. The...
Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks
The cybersecurity workers used their knowledge and skills to conduct ransomware attacks for notorious gang, rather than protect victims against them
A Ransomware Negotiator Was Working for a Ransomware Gang
Someone pleaded guilty to secretly working for a ransomware gang as he negotiated ransomware payments for clients.
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
The U.S.
Former incident responders sentenced to 4 years in prison for committing ransomware attacks
Ryan Goldberg and Kevin Martin attacked five companies in 2023 and extorted nearly $1.3 million from one of their victims.
Critical Flaw Turns Vect Ransomware into Data Destroying Wiper
The Vect 2.
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encrypti...
VECT: Ransomware by design, Wiper by accident
Key Takeaways Background VECT Ransomware is a Ransomware-as-a-Service (RaaS) program that made its first appearance in December 2025 on a Russian-language cy...
Ransomware Turf War as 0APT and KryBit Groups Trade Blows
Ransomware groups 0APT and KryBit have doxxed each other online
Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang
A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat
Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained
Overview For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform depl...
The Gentlemen Ransomware Expands With Rapid Affiliate Growth
Gentlemen RaaS expands quickly with multi-platform attacks and SystemBC-linked infections
DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy
Key Points The Gentlemen RaaS The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. The operators ad...
Automotive Ransomware Attacks Double in a Year
Halcyon says ransomware now accounts for more than two-fifths of cyber-attacks targeting carmakers
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point